Back to search
CVE-2015-8618
Published: Jan 27, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2016-5a073cbd93
vendor-advisory
x_refsource_FEDORA
[oss-security] 20160113 [security] Go security release v1.5.3
mailing-list
x_refsource_MLIST
https://go-review.googlesource.com/#/c/17672/
x_refsource_CONFIRM
[golang-announce] 20160113 [security] Go 1.5.3 is released
mailing-list
x_refsource_MLIST
https://github.com/golang/go/issues/13515
x_refsource_CONFIRM
openSUSE-SU-2016:1331
vendor-advisory
x_refsource_SUSE
[oss-security] 20151222 Re: CVE request for math/big.Exp
mailing-list
x_refsource_MLIST
[oss-security] 20151221 CVE request for math/big.Exp
mailing-list
x_refsource_MLIST
FEDORA-2016-2dcc094217
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now