Description
The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors.
References (9)
Core 9
Core References
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175642.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/01/13/7
Various Sources x_refsource_confirm
https://go-review.googlesource.com/#/c/17672/
Mailing List mailing-list
x_refsource_mlist
https://groups.google.com/forum/#%21topic/golang-announce/MEATuOi_ei4
Patch x_refsource_confirm
https://github.com/golang/go/issues/13515
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2016-05/msg00077.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/12/22/9
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/12/21/6
Mailing List, Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176179.html
Scores
CVSS v3
7.5
EPSS
0.0073
EPSS Percentile
73.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (4)
golang/go
1.5
golang/go
1.5.1
golang/go
1.5.2
opensuse/leap
42.1
Published
Jan 27, 2016
Tracked Since
Feb 18, 2026