vulnerability

FreeBSD: VID-80f9dbd3-8eec-11eb-b9e8-3525f51429a0: nettle 3.7.2 -- fix serious ECDSA signature verify bug

Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published: Mar 27, 2021
Added: Mar 28, 2021
Modified: Dec 10, 2025

Description

Niels Möller reports: I've prepared a new bug-fix release of Nettle, a low-level cryptographic library, to fix a serious bug in the function to verify ECDSA signatures. Implications include an assertion failure, which could be used for denial-of-service, when verifying signatures on the secp_224r1 and secp521_r1 curves. Even when no assert is triggered in ecdsa_verify, ECC point multiplication may get invalid intermediate values as input, and produce incorrect results. [...] It appears difficult to construct an alleged signature that makes the function misbehave in such a way that an invalid signature is accepted as valid, but such attacks can't be ruled out without further analysis.

Solutions

freebsd-upgrade-package-nettle
freebsd-upgrade-package-linux-c7-nettle
