Reported

October 14, 2019

Issued

October 1, 2020 (last modified: June 13, 2023)

Package

libsecp256k1 (crates.io)

Type

Vulnerability

Categories

• crypto-failure

Keywords

#crypto #sidechannel

Aliases

• CVE-2019-25003
• GHSA-hrjm-c879-pp86

CVSS Score

7.5 HIGH

CVSS Details

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Patched

• >=0.3.1

Affected Functions

Version

libsecp256k1::Scalar::check_overflow

• <0.3.1

Description

Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::check_overflow in constant time.

This allows an attacker to potentially leak information via a timing attack.

The flaw was corrected by modifying Scalar::check_overflow to execute in constant time.

Advisory available under CC0-1.0 license.