CVE-2016-1000340

{"id": "CVE-2016-1000340", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2018-06-04T13:29:00.293", "references": [{"url": "https://access.redhat.com/errata/RHSA-2018:2669", "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2018:2927", "source": "cve@mitre.org"}, {"url": "https://github.com/bcgit/bc-java/commit/790642084c4e0cadd47352054f868cc8397e2c00#diff-e5934feac8203ca0104ab291a3560a31", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20181127-0004/", "source": "cve@mitre.org"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-19"}]}], "descriptions": [{"lang": "en", "value": "In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers."}, {"lang": "es", "value": "En Bouncy Castle JCE Provider, de la versi\u00f3n 1.51 a la 1.55, se solucion\u00f3 la introducci\u00f3n de un error de propagaci\u00f3n de d\u00edgito (carry propagation) en la implementaci\u00f3n de la elevaci\u00f3n al cuadrado para varias clases raw math (org.bouncycastle.math.raw.Nat???). Las implementaciones de curva el\u00edptica personalizadas emplean estas clases (org.bouncycastle.math.ec.custom.**), por lo que existe la posibilidad de que haya c\u00e1lculos raros falsos para las multiplicaciones escalares de curva el\u00edptica. Tales errores se hubiesen detectado con una alta probabilidad por la validaci\u00f3n de salidas de los multiplicadores escalares."}], "lastModified": "2020-10-20T22:15:17.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA8E52F8-59D3-4328-A7FF-E8F211106A6A", "versionEndIncluding": "1.55", "versionStartIncluding": "1.51"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}