data/reports/GO-2022-0435.yaml

id: GO-2022-0435
modules:
    - module: std
      versions:
        - fixed: 1.17.9
        - introduced: 1.18.0-0
          fixed: 1.18.1
      vulnerable_at: 1.18.0
      packages:
        - package: crypto/elliptic
          symbols:
            - p256GetScalar
          derived_symbols:
            - CurveParams.ScalarBaseMult
            - CurveParams.ScalarMult
            - p256Curve.CombinedMult
            - p256Curve.ScalarBaseMult
            - p256Curve.ScalarMult
summary: Panic due to large inputs affecting P-256 curves in crypto/elliptic
description: |-
    A crafted scalar input longer than 32 bytes can cause P256().ScalarMult or
    P256().ScalarBaseMult to panic. Indirect uses through crypto/ecdsa and
    crypto/tls are unaffected. amd64, arm64, ppc64le, and s390x are unaffected.
published: 2022-05-20T21:17:46Z
cves:
    - CVE-2022-28327
credits:
    - Project Wycheproof
references:
    - fix: https://go.dev/cl/397135
    - fix: https://go.googlesource.com/go/+/37065847d87df92b5eb246c88ba2085efcf0b331
    - report: https://go.dev/issue/52075
    - web: https://groups.google.com/g/golang-announce/c/oecdBNLOml8