CVE-2023-24532

NameCVE-2023-24532
DescriptionThe ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
golang-1.11 (PTS)buster (security), buster, buster (lts)1.11.6-1+deb10u7vulnerable
golang-1.15 (PTS)bullseye1.15.15-1~deb11u4vulnerable
golang-1.19 (PTS)bookworm1.19.8-2fixed
golang-1.7 (PTS)stretch (security), stretch (lts), stretch1.7.4-2+deb9u5vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
golang-1.11source(unstable)(unfixed)
golang-1.15source(unstable)(unfixed)
golang-1.19sourceexperimental1.19.7-1
golang-1.19source(unstable)1.19.8-2
golang-1.20source(unstable)1.20.2-1
golang-1.7source(unstable)(unfixed)

Notes

[bullseye] - golang-1.15 <no-dsa> (Minor issue)
[buster] - golang-1.11 <postponed> (Limited support, minor issue, follow bullseye DSAs/point-releases)
https://golangtutorial.dev/news/go-1.20.2-and-go-1.19.7-versions-released/
https://github.com/golang/go/issues/58647
https://go-review.googlesource.com/c/go/+/471256
https://github.com/golang/go/commit/602eeaab387f24a4b28c5eccbb50fa934f3bc3c4 (go1.20.2)
https://github.com/golang/go/commit/639b67ed114151c0d786aa26e7faeab942400703 (go1.19.7)
[stretch] - golang-1.7 <postponed> (Limited support, follow DLAs)
Search for package or bug name: Reporting problems