projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1832bb0) | patch
Fix possible infinite loop in BN_mod_sqrt()
authorTomas Mraz <tomas@openssl.org>
Mon, 28 Feb 2022 17:26:21 +0000 (18:26 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 15 Mar 2022 13:15:12 +0000 (13:15 +0000)
commit9eafb53614bf65797db25f467946e735e1b43dc9
tree3b3262d7c346c484e33fbd946bf33b6e4ffc7692tree | snapshot
parent1832bb0f02e519a48f06a10467c7ce5f7f3feeebcommit | diff
Fix possible infinite loop in BN_mod_sqrt()

The calculation in some cases does not finish for non-prime p.

This fixes CVE-2022-0778.

Based on patch by David Benjamin <davidben@google.com>.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
crypto/bn/bn_sqrt.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.