![]() It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. Vulnerability Details CVE-2022-0778ĬVE description: The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. ![]() Please find further details on the security advisory of the supplier. It is strongly recommended to update the firmware version of the affected devices. Solution and Mitigations Update to the latest released versions
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |