Description
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
References (7)
Core 7
Core References
Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2669
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/3727-1/
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2927
Vendor Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpuoct2020.html
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20181127-0004/
Patch, Third Party Advisory x_refsource_confirm
https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647#diff-25c3c78db788365f36839b3f2d3016b9
Scores
CVSS v3
7.5
EPSS
0.0178
EPSS Percentile
75.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-347
Status
published
Products (5)
bouncycastle/bc-java
< 1.55
debian/debian_linux
8.0
org.bouncycastle/bcprov-jdk14
0 - 1.56Maven
org.bouncycastle/bcprov-jdk15
0 - 1.56Maven
org.bouncycastle/bcprov-jdk15on
0 - 1.56Maven
Published
Jun 04, 2018
Tracked Since
Feb 18, 2026