CVE-2015-8803

The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:nettle_project:nettle:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

Information

Published : 2016-02-23 11:59

Updated : 2018-10-30 09:27


NVD link : CVE-2015-8803

Mitre link : CVE-2015-8803


JSON object : View

CWE
CWE-310

Cryptographic Issues

CWE-254

7PK - Security Features

Advertisement

dedicated server usa

Products Affected

nettle_project

  • nettle

canonical

  • ubuntu_linux

opensuse

  • opensuse
  • leap