CVE-2022-28327 P-256 in Go before 1.17.9 and 1.18.x allows a panic with long scalar input.

CVE-2022-28327 P-256 in Go before 1.17.9 and 1.18.x allows a panic with long scalar input.

A user could cause a panic in a contract or library by providing an invalid value for the parameter. For example, an attacker could provide a negative value for the scalar parameter. The contract or library would panic if this invalid value was provided. The contract or library could be vulnerable to this attack if it assumed that all negative values were invalid.


An attacker can use this to execute a denial-of-service (DoS) against contracts or libraries that rely on elliptic in order to panic.

An attacker can cause a panic in a contract or library by providing an invalid value for the parameter. For example, an attacker could provide a negative value for the scalar parameter. The contract or library would panic if this invalid value was provided. The contract or library could be vulnerable to this attack if it assumed that all negative values were invalid.An attacker can use this to execute a denial-of-service (DoS) against contracts or libraries that rely on elliptic in order to panic.

CVE-2023-26153

A user could cause a panic in a contract or library by providing an invalid value for the parameter. For example, an attacker could provide a negative value for the scalar parameter. The contract or library would panic if this invalid value was provided. The contract or library could be vulnerable to this attack if it assumed that all negative values were invalid.

An attacker can use this to execute a denial-of-service (DoS) against contracts or libraries that rely on elliptic in order to panic.

An attacker can cause a panic in a contract or library by providing an invalid value for the parameter. For example, an attacker could provide a negative value for the scalar parameter. The contract or library would panic if this invalid value was provided. The contract or library could be vulnerable to this attack if it assumed that all negative values were invalid.An attacker can use this to execute a denial-of-service (DoS) against contracts or libraries that rely on elliptic in order to panic.

In a distributed system, as long as one node has access to at least one other node, it is not necessary for every node to have direct connections with every other node and send each other information about its state and requests using messages such as requests and confirmations. This is exemplified by the example of social networking applications where users who are not friends with one another do not have any direct communication but still have access to information about their friends which is made possible by gossiping

Vulnerability details

The vulnerability allows for a denial-of-service attack against contracts or libraries that rely on elliptic in order to panic.

The vulnerability allows for a denial-of-service attack against contracts or libraries that rely on elliptic in order to panic.

Vulnerable to Arbitrary Scalar Type Denial-of-Service

The contract or library is vulnerable to a denial-of-service attack that can be caused by providing an arbitrary value for the scalar parameter. This can be triggered in certain scenarios, such as when the contract or library assumes that all negative values are invalid.

Vulnerable Code: contract or library panic

A user could cause a panic in a contract or library by providing an invalid value for the parameter. For example, an attacker could provide a negative value for the scalar parameter. The contract or library would panic if this invalid value was provided. The contract or library could be vulnerable to this attack if it assumed that all negative values were invalid.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe