ALT-PU-2021-2125-1
Closed vulnerabilities
Published: 2021-05-17
BDU:2022-00233
Уязвимость функций расшифровки RSA криптографической библиотеки Nettle, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-08-06
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-3580
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1967983
- https://bugzilla.redhat.com/show_bug.cgi?id=1967983
- [debian-lts-announce] 20210918 [SECURITY] [DLA 2760-1] nettle security update
- [debian-lts-announce] 20210918 [SECURITY] [DLA 2760-1] nettle security update
- GLSA-202401-24
- GLSA-202401-24
- https://security.netapp.com/advisory/ntap-20211104-0006/
- https://security.netapp.com/advisory/ntap-20211104-0006/