Source: node-elliptic
Version: 6.6.1+dfsg-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/indutny/elliptic/issues/321
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: found -1 6.5.4~dfsg-2

Hi,

The following vulnerability was published for node-elliptic.

CVE-2025-14505[0]:
| The ECDSA implementation of the Elliptic package generates incorrect
| signatures if an interim value of 'k' (as computed based on step 3.2
| of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 ) has
| leading zeros and is susceptible to cryptanalysis, which can lead to
| secret key exposure. This happens, because the byte-length of 'k' is
| incorrectly computed, resulting in its getting truncated during the
| computation. Legitimate transactions or communications will be
| broken as a result. Furthermore, due to the nature of the fault,
| attackers could–under certain conditions–derive the secret key, if
| they could get their hands on both a faulty signature generated by a
| vulnerable version of Elliptic and a correct signature for the same
| inputs. This issue affects all known versions of Elliptic (at the
| time of writing, versions less than or equal to 6.6.1).

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-14505
    https://www.cve.org/CVERecord?id=CVE-2025-14505
[1] https://github.com/indutny/elliptic/issues/321

Regards,
Salvatore

-- 
Pkg-javascript-devel mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-javascript-devel
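
Added example, not part of the report above and not code from elliptic or Debian: a sign-then-verify guard that withholds any ECDSA signature that does not verify under the signer's own public key, so an incorrect signature of the kind the CVE text describes never leaves the process. It uses Node's built-in crypto module rather than elliptic; the names makeGuardedSigner, goodSigner, faultySigner and demo are hypothetical, and the fault is simulated by flipping one bit, which is an assumption for the demo and not a reproduction of the elliptic bug.

```javascript
// Added example (not elliptic's code): release an ECDSA signature only after
// it verifies under the signer's own public key. Uses Node's built-in crypto.
const nodeCrypto = require('node:crypto');

const P1363 = 'ieee-p1363'; // raw r||s encoding, fixed length

// signFn: (Buffer) => Buffer. Returns a wrapper that withholds bad output.
function makeGuardedSigner(signFn, publicKey) {
  return function guardedSign(message) {
    const sig = signFn(message);
    let ok = false;
    try {
      ok = nodeCrypto.verify('sha256', message,
        { key: publicKey, dsaEncoding: P1363 }, sig);
    } catch (_) {
      ok = false; // malformed output counts as a failed self-check
    }
    if (!ok) {
      // Never return or log the faulty bytes: the advisory's risk is a
      // faulty signature becoming visible next to a correct one.
      throw new Error('ECDSA self-check failed; signature withheld');
    }
    return sig;
  };
}

// Constructed fixtures: a throwaway P-256 key pair and two signers.
const { privateKey, publicKey } =
  nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });

const goodSigner = (msg) =>
  nodeCrypto.sign('sha256', msg, { key: privateKey, dsaEncoding: P1363 });

// Simulated fault (assumption for the demo, not the elliptic bug itself):
// flip one bit of s so the signature is well-formed but incorrect.
const faultySigner = (msg) => {
  const sig = Buffer.from(goodSigner(msg));
  sig[sig.length - 1] ^= 0x01;
  return sig;
};

function demo() {
  const msg = Buffer.from('constructed sample message');
  const released = makeGuardedSigner(goodSigner, publicKey)(msg);
  let withheld = false;
  try { makeGuardedSigner(faultySigner, publicKey)(msg); }
  catch (_) { withheld = true; }
  return { releasedLength: released.length, withheld };
}
```

The same wrapper can sit around any signing function that returns raw r||s bytes; it costs one extra verification per signature.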
