Vulnerability Name:

CVE-2021-20305 (CCN-199653)

Assigned:2020-12-17
Published:2021-03-15
Updated:2021-12-06
Summary:A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.
CVSS v3 Severity:8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.1 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-787
CWE-327
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2021-20305

Source: CCN
Type: Red Hat Bugzilla - Bug 1942533
(CVE-2021-20305) - CVE-2021-20305 nettle: Out of bounds memory access in signature verification

Source: MISC
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1942533

Source: XF
Type: UNKNOWN
nettle-cve202120305-sec-bypass(199653)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210918 [SECURITY] [DLA 2760-1] nettle security update

Source: FEDORA
Type: Third Party Advisory
FEDORA-2021-454a0f6f76

Source: CCN
Type: Liu Web site
ANNOUNCE: Serious bug in Nettle's ecdsa_verify

Source: GENTOO
Type: Third Party Advisory
GLSA-202105-31

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20211022-0002/

Source: DEBIAN
Type: Third Party Advisory
DSA-4933

Source: CCN
Type: IBM Security Bulletin 6473141 (Rational Collaborative Lifecycle Management)
Multiple vulnerabilites affect IBM Jazz Foundation and IBM Engineering products.

Source: CCN
Type: IBM Security Bulletin 6476940 (Cloud Pak for Security)
Cloud Pak for Security has several security vulnerabilities addressed in the latest version

Source: CCN
Type: IBM Security Bulletin 6493729 (Cloud Pak for Security)
Cloud Pak for Security is vulnerable to several CVEs

Source: CCN
Type: IBM Security Bulletin 6514401 (QRadar Network Security)
IBM QRadar Network Security is affected by multiple vulnerabilities (CVE-2020-25648, CVE-2021-31535, CVE-2021-20305, CVE-2020-25692)

Source: CCN
Type: IBM Security Bulletin 6520474 (QRadar SIEM)
IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6538418 (Security Verify Access)
Multiple Security Vulnerabilities fixed in IBM Security Verify Access

Source: CCN
Type: Nettle Web site
Nettle

Vulnerable Configuration:Configuration 1:
  • cpe:/a:nettle_project:nettle:*:*:*:*:*:*:*:* (Version < 3.7.2)

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
  • OR cpe:/a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:nettle_project:nettle:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:nettle_project:nettle:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:nettle_project:nettle:3.7.1:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_network_security:5.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_network_security:5.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_collaborative_lifecycle_management:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7595
    P
    		libhogweed6-3.8.1-150500.2.25 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3393
    P
    		vino-3.20.2-5.8 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3010
    P
    		apache2-2.4.23-29.43.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:95215
    P
    		libstaroffice-0_0-0-0.0.7-7.3.2 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94640
    P
    		libhogweed6-3.7.3-150400.2.21 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94505
    P
    		bcm43xx-firmware-20180314-150400.28.5 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:137
    P
    		libhogweed4-3.4.1-4.15.1 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:1066
    P
    		Security update for libaom (Moderate)
    2022-04-27
    oval:org.opensuse.security:def:112646
    P
    		libhogweed6-3.7.3-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:99442
    P
    		 (Moderate)
    2021-12-07
    oval:org.opensuse.security:def:101928
    P
    		Security update for the Linux Kernel (Important)
    2021-10-12
    oval:org.opensuse.security:def:106127
    P
    		libhogweed6-3.7.3-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:71896
    P
    		libhogweed4-3.4.1-4.15.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62155
    P
    		libhogweed4-3.4.1-4.15.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100913
    P
    		libhogweed4-3.4.1-4.15.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:101218
    P
    		libsmi-devel-0.4.8-1.29 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:99641
    P
    		 (Important)
    2021-06-03
    oval:org.opensuse.security:def:99947
    P
    		 (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:111352
    P
    		Security update for libnettle (Important)
    2021-04-30
    oval:org.opensuse.security:def:70205
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:31164
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:60242
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:98853
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:108594
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:56009
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:86075
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:117399
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:8742
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:92293
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:100601
    P
    		 (Important)
    2021-04-28
    oval:org.opensuse.security:def:33639
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:69451
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:29352
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:58729
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:88418
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:51877
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:84131
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:9692
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:93043
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:42064
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:70383
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:99630
    P
    		 (Important)
    2021-04-28
    oval:org.opensuse.security:def:31611
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:99048
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:23562
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:56987
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:86547
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:73604
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:82559
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:125522
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:8937
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:92492
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:33897
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:69633
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:30066
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:59462
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:89117
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:55175
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:84588
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:10065
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:93196
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:5667
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:91903
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:99937
    P
    		 (Important)
    2021-04-28
    oval:org.opensuse.security:def:32083
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:64482
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:99243
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:23889
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:57434
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:87370
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:96909
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:75824
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:83273
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:126693
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:9311
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:92691
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:34419
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:69832
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:30186
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:59720
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:89375
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:107884
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:55889
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:85628
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:10243
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:5026
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:8566
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:92098
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:100272
    P
    		 (Important)
    2021-04-28
    oval:org.opensuse.security:def:32906
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:66756
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:26039
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:57906
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:88106
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:51550
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:83393
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:127090
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:9493
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:92890
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:com.redhat.rhsa:def:20211206
    P
    		RHSA-2021:1206: gnutls and nettle security update (Important)
    2021-04-14
    oval:com.redhat.rhsa:def:20211145
    P
    		RHSA-2021:1145: nettle security update (Important)
    2021-04-08
    BACK
    nettle_project nettle *
    fedoraproject fedora 33
    redhat enterprise linux 7.0
    redhat enterprise linux 8.0
    netapp active iq unified manager -
    netapp ontap select deploy administration utility -
    debian debian linux 9.0
    debian debian linux 10.0
    nettle_project nettle 3.1
    nettle_project nettle 3.2
    nettle_project nettle 3.7.1
    ibm rational collaborative lifecycle management 6.0.2
    ibm qradar security information and event manager 7.3
    ibm qradar network security 5.4.0
    ibm qradar network security 5.5.0
    ibm rational collaborative lifecycle management 7.0
    ibm qradar security information and event manager 7.4 -
    ibm security verify access 10.0.0
    ibm cloud pak for security 1.6.0.0
    ibm cloud pak for security 1.5.0.1
    ibm cloud pak for security 1.5.0.0
    ibm cloud pak for security 1.6.0.1
    ibm cloud pak for security 1.7.0.0
    ibm cloud pak for security 1.7.1.0
    ibm cloud pak for security 1.7.2.0