MidnightBSD

Advisories for nettle_project

CVE-2015-8803 HIGH

The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-254,CWE-310,

Products Affected

Vendor Product Version
opensuse opensuse 13.2
opensuse leap 42.1
canonical ubuntu_linux 15.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
nettle_project nettle *
CVE-2015-8804 HIGH

x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-254,CWE-310,

Products Affected

Vendor Product Version
opensuse opensuse 13.2
opensuse leap 42.1
canonical ubuntu_linux 15.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
nettle_project nettle *
CVE-2015-8805 HIGH

The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8803.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
opensuse opensuse 13.2
opensuse leap 42.1
canonical ubuntu_linux 15.10
opensuse opensuse 13.1
canonical ubuntu_linux 14.04
nettle_project nettle *
CVE-2016-6489 MEDIUM

The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
canonical ubuntu_linux 12.04
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_hpc_node 7.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.10
nettle_project nettle *
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server 7.0
CVE-2018-16869 LOW

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.

CVSS 2.0

Severity: LOW

Problem Type: CWE-203,CWE-203,

Products Affected

Vendor Product Version
nettle_project nettle *
CVE-2021-20305 MEDIUM

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,CWE-787,

Products Affected

Vendor Product Version
netapp active_iq_unified_manager -
netapp ontap_select_deploy_administration_utility -
redhat enterprise_linux 8.0
debian debian_linux 10.0
redhat enterprise_linux 7.0
nettle_project nettle *
fedoraproject fedora 33
debian debian_linux 9.0
CVE-2021-3580 MEDIUM

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-20,

Products Affected

Vendor Product Version
netapp ontap_select_deploy_administration_utility -
redhat enterprise_linux 8.0
redhat enterprise_linux 7.0
nettle_project nettle *
debian debian_linux 9.0
CVE-2023-36660

The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption.

Products Affected

Vendor Product Version
nettle_project nettle 3.9