CVE-2021-38195

Name: CVE-2021-38195

Description: An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve order, aka an overflow.

NVD Severity: high

References

| Type | URI |
|---|---|
| MISC | https://rustsec.org/advisories/RUSTSEC-2021-0076.html |
| MISC | https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/libsecp256k1/RUSTSEC-2021-0076.md |

Match rules

| CPE URI | Source package | Min version | Max version |
|---|---|---|---|
| cpe:2.3:a:parity:libsecp256k1:*:*:*:*:*:rust:*:* | libsecp256k1 | >= None | < 0.5.0 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| libsecp256k1 | 3.14-community | 0_git20201009-r1 | Michał Adamski <michal@ert.pl> | possibly vulnerable |
| libsecp256k1 | 3.15-community | 0_git20211025-r1 | Michał Adamski <michal@ert.pl> | possibly vulnerable |
| libsecp256k1 | 3.16-community | 0_git20211025-r1 | Michał Adamski <michal@ert.pl> | possibly vulnerable |
| libsecp256k1 | 3.17-community | 0_git20211025-r1 | Michał Adamski <michal@ert.pl> | possibly vulnerable |
| libsecp256k1 | 3.18-community | 0.3.1-r0 | Michał Adamski <michal@ert.pl> | possibly vulnerable |
| libsecp256k1 | 3.19-community | 0.3.2-r0 | Michał Adamski <michal@ert.pl> | possibly vulnerable |