GO-2023-1621

Source
https://pkg.go.dev/vuln/GO-2023-1621
Import Source
https://vuln.go.dev/ID/GO-2023-1621.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2023-1621
Aliases
Related
Published
2023-03-08T19:30:53Z
Modified
2024-09-11T06:12:34.357569Z
Summary
Incorrect calculation on P256 curves in crypto/internal/nistec
Details

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve).

This does not impact usages of crypto/ecdsa or crypto/ecdh.

References
Credits
    • Guido Vranken, via the Ethereum Foundation bug bounty program

Affected packages

Go / stdlib

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.19.7
Introduced
1.20.0-0
Fixed
1.20.2

Ecosystem specific

{
    "imports": [
        {
            "path": "crypto/internal/nistec",
            "symbols": [
                "P256OrdInverse",
                "P256Point.ScalarBaseMult",
                "P256Point.ScalarMult"
            ]
        }
    ]
}