ECDSA Vulnerabilities in Botan Library Affecting Multiple Versions
CVE-2016-2849
7.5 HIGH
What is CVE-2016-2849?
The Botan Cryptography Library, in versions before 1.10.13 and in 1.11.x versions before 1.11.29, does not use a constant-time algorithm to compute the modular inverse of the ECDSA signature nonce k. Because the running time of that inversion depends on the value of k, a remote attacker who can measure signing times may use this timing side channel to recover information about the nonce and, from it, the ECDSA secret key, compromising the security and integrity of systems that rely on the library.
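To make the issue concrete, the following added example (written for this page, not Botan's own code) contrasts the two shapes of modular-inverse routine: an extended-Euclid inverse whose loop count depends on k, and a Fermat inverse driven by a Montgomery ladder that does the same work for every k. The modulus N is a constructed stand-in for a curve order (a 255-bit prime), and Python big-integer arithmetic is assumed only to illustrate the algorithmic shape, not to be constant-time itself.

```python
"""Variable-time vs fixed-iteration modular inverse of an ECDSA nonce k.

ECDSA computes s = k^-1 * (z + r*d) mod n, so every signature needs
k^-1 mod n.  If that routine's running time depends on k, signing time
leaks bits of the nonce, and leaked nonce bits expose the private key d.
"""

# Constructed stand-in for an ECDSA group order n: a 255-bit prime.
# Real curve orders are prime as well, which is what Fermat inversion needs.
N = 2**255 - 19


def inverse_euclid(k: int, n: int) -> tuple[int, int]:
    """Extended Euclid.  Returns (k^-1 mod n, loop iterations).
    The iteration count depends on the value of k: this is the
    data-dependent behaviour the CVE describes."""
    old_r, r = n, k % n          # invariant: old_r == old_t*n + old_s*k
    old_s, s = 0, 1
    steps = 0
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        steps += 1
    if old_r != 1:
        raise ValueError("k is not invertible mod n")
    return old_s % n, steps


def inverse_fixed(k: int, n: int) -> tuple[int, int]:
    """Fermat inversion k^(n-2) mod n via a Montgomery ladder.
    The loop runs bit_length(n) times and performs the same three
    multiplications per bit whatever k is; the bit only selects which
    results are kept, using arithmetic rather than a branch."""
    if k % n == 0:
        raise ValueError("k is not invertible mod n")
    e = n - 2
    r0, r1 = 1, k % n            # invariant: r1 == r0 * k (mod n)
    steps = 0
    for i in range(n.bit_length() - 1, -1, -1):
        bit = (e >> i) & 1
        prod = (r0 * r1) % n
        sq0 = (r0 * r0) % n
        sq1 = (r1 * r1) % n
        # bit 0: (r0, r1) = (r0^2, r0*r1); bit 1: (r0, r1) = (r0*r1, r1^2)
        r0 = sq0 + bit * (prod - sq0)
        r1 = prod + bit * (sq1 - prod)
        steps += 1
    return r0, steps
```

Calling both on k = 1 and on a large k shows the Euclid iteration count swing while the ladder count stays at 255 for this modulus.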