CVE-2016-2849 — Sensitive Information Exposure in Project Botan

CWE-200 — Sensitive Information Exposure6 documents4 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 31.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Botan Project Botan Debian Linux Fedoraproject Fedora

Timeline

PublishedMay 13

Latest updateMay 17

Description

Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDbotan_project/botan30 versions+29

Also affects: Debian Linux 8.0, Fedora 24

🔴Vulnerability Details

GHSA

GHSA-pfgh-27pp-8vx8: Botan before 1↗2022-05-17

▶

OSV

CVE-2016-2849: Botan before 1↗2016-05-13

▶

💬Community

Bugzilla

CVE-2016-2849 CVE-2016-2850 botan: two issues fixed in 1.11.29 [epel-all]↗2016-04-27

▶

Bugzilla

CVE-2016-2849 CVE-2016-2850 botan: two issues fixed in 1.11.29 [fedora-all]↗2016-04-27

▶

Bugzilla

CVE-2016-2849 CVE-2016-2850 botan: two issues fixed in 1.11.29↗2016-04-27

▶