libgcrypt: Missing input validation for X25519 curve (CVE-2017-0379)
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel
attacks, which makes it easier for attackers to discover a secret key,
related to cipher/ecc.c and mpi/ec.c.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-0379
https://eprint.iacr.org/2017/806
Patch:
(from redmine: issue id 7831, created on 2017-09-14, closed on 2017-09-19)
- Relations:
  - child #7832 (closed)
  - child #7833 (closed)
  - child #7834 (closed)
  - child #7835 (closed)