The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2015-12-06T00:00:00
Updated: 2022-12-13T00:00:00
Reserved: 2015-04-10T00:00:00
Link: CVE-2015-3193
JSON object: View
NVD Information
Status : Modified
Published: 2015-12-06T20:59:02.613
Modified: 2023-02-13T00:47:51.587
Link: CVE-2015-3193
JSON object: View
Redhat Information
No data.
CWE