CVE-2022-24884

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 06-05-2022 02:15

Last modified: - 16-05-2022 08:08

Total changes: - 5

Description

ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). `ecdsa_verify_[prepare_]legacy()` does not check whether the signature values `r` and `s` are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: `ecdsa_verify_list_legacy()` will accept an arbitrary number of such forged signatures. Both the `ecdsautil verify` CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

High

Integrity

None

Privileges required

Unchanged

Scope

None

User interaction

7.5

Base score

3.9

3.6

Exploitability score

Impact score

Verification logic

vendor=ecdsautils_project AND product=ecdsautils AND versionEndExcluding=0.4.1

vendor=fedoraproject AND product=fedora AND version=34

vendor=fedoraproject AND product=fedora AND version=35

vendor=fedoraproject AND product=fedora AND version=36

vendor=Debian AND product=debian_linux AND version=9.0

vendor=Debian AND product=debian_linux AND version=10.0

vendor=Debian AND product=debian_linux AND version=11.0

Reference

https://github.com/freifunk-gluon/ecdsautils/commit/1d4b091abdf15ad7b2312535b5b95ad70f6dbd08
https://github.com/freifunk-gluon/ecdsautils/security/advisories/GHSA-qhcg-9ffp-78pw
https://github.com/freifunk-gluon/ecdsautils/commit/39b6d0a77414fd41614953a0e185c4eefa2f88ad
[debian-lts-announce] 20220507 [SECURITY] [DLA 2997-1] ecdsautils security update-Mailing List, Third Party Advisory
DSA-5132-Third Party Advisory
FEDORA-2022-111177a5ac-Mailing List, Third Party Advisory
FEDORA-2022-bf58612696-Mailing List, Third Party Advisory
FEDORA-2022-7704d5e885-Mailing List, Third Party Advisory

Keywords

CVE-2022-24884

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2022-24884

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures