- changed status to resolved
[tnozaki-openssl] CVE-2022-0778: The BN_mod_sqrt() function contains a bug that can cause it to loop forever for non-prime moduli
Issue #287
resolved
Comments (1)
-
reporter - Log in to comment
BUGFIX: Issue
#287- CVE-2022-0778 The BN_mod_sqrt() function contains a bug that can cause it to loop forever for non-prime modulipatch obtained from: https://github.com/openssl/openssl/commit/3118eb64934499d93db3230748a452351d1d9a65
original commit message:
Fix possible infinite loop in BN_mod_sqrt() The calculation in some cases does not finish for non-prime p.
This fixes CVE-2022-0778.
Based on patch by David Benjamin davidben@google.com.
Reviewed-by: Paul Dale pauli@openssl.org Reviewed-by: Matt Caswell matt@openssl.org
→ <<cset d97eff0c3d33>>