
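    4 vulnerabilities found for crypto/internal/nistec by Go standard library (two distinct CVEs, CVE-2025-22866 and CVE-2023-24532, each listed once from the nvd source and once from the cvelistv5 source)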

    CVE-2025-22866 (GCVE-0-2025-22866)

    Vulnerability from nvd – Published: 2025-02-06 16:54 – Updated: 2025-02-21 18:03
    Title
    Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec
    Summary
    Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-208 - Observable Timing Discrepancy
    Assigner
    Go
    Impacted products
    Vendor: Go standard library
    Product: crypto/internal/nistec
    Affected versions (semver):
    • from 0 up to, but not including, 1.22.12
    • from 1.23.0-0 up to, but not including, 1.23.6
    • from 1.24.0-0 up to, but not including, 1.24.0-rc.3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22866",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-10T20:40:17.232803Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-11T14:47:25.778Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-21T18:03:36.215Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250221-0002/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/internal/nistec",
              "product": "crypto/internal/nistec",
              "programRoutines": [
                {
                  "name": "p256NegCond"
                },
                {
                  "name": "P256Point.ScalarBaseMult"
                },
                {
                  "name": "P256Point.ScalarMult"
                },
                {
                  "name": "P256Point.SetBytes"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.22.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.23.6",
                  "status": "affected",
                  "version": "1.23.0-0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.0-rc.3",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-208: Observable Timing Discrepancy",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-06T16:54:10.252Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/643735"
            },
            {
              "url": "https://go.dev/issue/71383"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3447"
            }
          ],
          "title": "Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-22866",
        "datePublished": "2025-02-06T16:54:10.252Z",
        "dateReserved": "2025-01-08T19:11:42.834Z",
        "dateUpdated": "2025-02-21T18:03:36.215Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-24532 (GCVE-0-2023-24532)

    Vulnerability from nvd – Published: 2023-03-08 19:40 – Updated: 2024-08-02 10:56
    Title
    Incorrect calculation on P256 curves in crypto/internal/nistec
    Summary
    The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-682 - Incorrect Calculation (taken from the problemTypes entry of the CNA record below)
    Assigner
    Go
    Impacted products
    Vendor: Go standard library
    Product: crypto/internal/nistec
    Affected versions (semver):
    • from 0 up to, but not including, 1.19.7
    • from 1.20.0-0 up to, but not including, 1.20.2
    Credits
    Guido Vranken, via the Ethereum Foundation bug bounty program

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:56:04.340Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20230331-0011/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/58647"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/471255"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1621"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-24532",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T15:58:31.679478Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T15:58:40.921Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/internal/nistec",
              "product": "crypto/internal/nistec",
              "programRoutines": [
                {
                  "name": "P256Point.ScalarBaseMult"
                },
                {
                  "name": "P256Point.ScalarMult"
                },
                {
                  "name": "P256OrdInverse"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.19.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.2",
                  "status": "affected",
                  "version": "1.20.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Guido Vranken, via the Ethereum Foundation bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-682: Incorrect Calculation",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-12T19:07:52.290Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/58647"
            },
            {
              "url": "https://go.dev/cl/471255"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1621"
            }
          ],
          "title": "Incorrect calculation on P256 curves in crypto/internal/nistec"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-24532",
        "datePublished": "2023-03-08T19:40:45.425Z",
        "dateReserved": "2023-01-25T21:19:20.641Z",
        "dateUpdated": "2024-08-02T10:56:04.340Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-22866 (GCVE-0-2025-22866)

    Vulnerability from cvelistv5 – Published: 2025-02-06 16:54 – Updated: 2025-02-21 18:03
    Title
    Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec
    Summary
    Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-208 - Observable Timing Discrepancy
    Assigner
    Go
    Impacted products
    Vendor: Go standard library
    Product: crypto/internal/nistec
    Affected versions (semver):
    • from 0 up to, but not including, 1.22.12
    • from 1.23.0-0 up to, but not including, 1.23.6
    • from 1.24.0-0 up to, but not including, 1.24.0-rc.3

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "NONE",
                  "baseScore": 4,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-22866",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-10T20:40:17.232803Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-11T14:47:25.778Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-21T18:03:36.215Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20250221-0002/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/internal/nistec",
              "product": "crypto/internal/nistec",
              "programRoutines": [
                {
                  "name": "p256NegCond"
                },
                {
                  "name": "P256Point.ScalarBaseMult"
                },
                {
                  "name": "P256Point.ScalarMult"
                },
                {
                  "name": "P256Point.SetBytes"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.22.12",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.23.6",
                  "status": "affected",
                  "version": "1.23.0-0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.24.0-rc.3",
                  "status": "affected",
                  "version": "1.24.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-208: Observable Timing Discrepancy",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-06T16:54:10.252Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/cl/643735"
            },
            {
              "url": "https://go.dev/issue/71383"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2025-3447"
            }
          ],
          "title": "Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2025-22866",
        "datePublished": "2025-02-06T16:54:10.252Z",
        "dateReserved": "2025-01-08T19:11:42.834Z",
        "dateUpdated": "2025-02-21T18:03:36.215Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-24532 (GCVE-0-2023-24532)

    Vulnerability from cvelistv5 – Published: 2023-03-08 19:40 – Updated: 2024-08-02 10:56
    Title
    Incorrect calculation on P256 curves in crypto/internal/nistec
    Summary
    The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-682 - Incorrect Calculation (taken from the problemTypes entry of the CNA record below)
    Assigner
    Go
    Impacted products
    Vendor: Go standard library
    Product: crypto/internal/nistec
    Affected versions (semver):
    • from 0 up to, but not including, 1.19.7
    • from 1.20.0-0 up to, but not including, 1.20.2
    Credits
    Guido Vranken, via the Ethereum Foundation bug bounty program

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:56:04.340Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://security.netapp.com/advisory/ntap-20230331-0011/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/issue/58647"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://go.dev/cl/471255"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://pkg.go.dev/vuln/GO-2023-1621"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-24532",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-01T15:58:31.679478Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-01T15:58:40.921Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://pkg.go.dev",
              "defaultStatus": "unaffected",
              "packageName": "crypto/internal/nistec",
              "product": "crypto/internal/nistec",
              "programRoutines": [
                {
                  "name": "P256Point.ScalarBaseMult"
                },
                {
                  "name": "P256Point.ScalarMult"
                },
                {
                  "name": "P256OrdInverse"
                }
              ],
              "vendor": "Go standard library",
              "versions": [
                {
                  "lessThan": "1.19.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                },
                {
                  "lessThan": "1.20.2",
                  "status": "affected",
                  "version": "1.20.0-0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Guido Vranken, via the Ethereum Foundation bug bounty program"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-682: Incorrect Calculation",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-06-12T19:07:52.290Z",
            "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
            "shortName": "Go"
          },
          "references": [
            {
              "url": "https://go.dev/issue/58647"
            },
            {
              "url": "https://go.dev/cl/471255"
            },
            {
              "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY"
            },
            {
              "url": "https://pkg.go.dev/vuln/GO-2023-1621"
            }
          ],
          "title": "Incorrect calculation on P256 curves in crypto/internal/nistec"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "assignerShortName": "Go",
        "cveId": "CVE-2023-24532",
        "datePublished": "2023-03-08T19:40:45.425Z",
        "dateReserved": "2023-01-25T21:19:20.641Z",
        "dateUpdated": "2024-08-02T10:56:04.340Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }