CVE-2022-24884

2022-05-0600:15:07

Debian Security Bug Tracker

security-tracker.debian.org

ecdsautils

signature validation

vulnerability

fixed

version 0.4.1

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

EPSS

0.006

Percentile

77.9%

JSON

ecdsautils is a tiny collection of programs used for ECDSA (keygen, sign, verify). ecdsa_verify_[prepare_]legacy() does not check whether the signature values r and s are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple signatures from different public keys does not mitigate the issue: ecdsa_verify_list_legacy() will accept an arbitrary number of such forged signatures. Both the ecdsautil verify CLI command and the libecdsautil library are affected. The issue has been fixed in ecdsautils 0.4.1. All older versions of ecdsautils (including versions before the split into a library and a CLI utility) are vulnerable.

OSVersionArchitecturePackageVersionFilename
Debian12allecdsautils< 0.4.1-1ecdsautils_0.4.1-1_all.deb
Debian11allecdsautils< 0.3.2+git20151018-2+deb11u1ecdsautils_0.3.2+git20151018-2+deb11u1_all.deb
Debian999allecdsautils< 0.4.1-1ecdsautils_0.4.1-1_all.deb
Debian13allecdsautils< 0.4.1-1ecdsautils_0.4.1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	ecdsautils	< 0.4.1-1	ecdsautils_0.4.1-1_all.deb
Debian	11	all	ecdsautils	< 0.3.2+git20151018-2+deb11u1	ecdsautils_0.3.2+git20151018-2+deb11u1_all.deb
Debian	999	all	ecdsautils	< 0.4.1-1	ecdsautils_0.4.1-1_all.deb
Debian	13	all	ecdsautils	< 0.4.1-1	ecdsautils_0.4.1-1_all.deb