CVE-2022-0778: Infinite loop in BN_mod_sqrt()

Versions Affected: All SCALE versions prior to TrueNAS SCALE; all CORE versions prior to TrueNAS CORE 12.0-U8.1


The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli.

Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters.


CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Base score 7.5


No workarounds available


Do not use certificates that contain elliptic curve keys.
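To audit certificates against this advice without handing them to OpenSSL's parser, the following added example (not part of the advisory, and not iXsystems or OpenSSL code) walks raw DER and reports each EC public key it finds, along with whether the key uses explicit curve parameters or a compressed point, the encodings the description above says reach BN_mod_sqrt(). The function names are hypothetical and `sample_spki` builds constructed inputs; PEM files must be base64-decoded to DER first.

```python
# Added example (not iXsystems or OpenSSL code); helper names are hypothetical.
EC_PUBKEY_OID = bytes.fromhex("2a8648ce3d0201")    # id-ecPublicKey, 1.2.840.10045.2.1
PARAM_FORMS = {0x06: "named-curve", 0x30: "explicit-params"}   # tag of the parameters
POINT_FORMS = {2: "compressed", 3: "compressed", 4: "uncompressed"}  # first point byte

def read_tlv(buf, pos, end):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    if pos + 2 > end:
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                               # long-form length
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > end:
            raise ValueError("unsupported DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > end:
        raise ValueError("DER length exceeds enclosing element")
    return tag, pos, pos + length

def children(buf, start, end):      # elements of buf[start:end] as (tag, start, end)
    out = []
    while start < end:
        out.append(read_tlv(buf, start, end))
        start = out[-1][2]
    return out

def ec_findings(buf, start=0, end=None, depth=0):
    """Return (parameter_form, point_form) for each EC SubjectPublicKeyInfo found."""
    end = len(buf) if end is None else end
    if depth > 16:                                  # bound recursion on hostile input
        raise ValueError("DER nesting too deep")
    found = []
    for tag, vs, ve in children(buf, start, end):
        if not tag & 0x20:                          # primitive: nothing to descend into
            continue
        kids = children(buf, vs, ve)
        alg = children(buf, *kids[0][1:]) if kids and kids[0][0] == 0x30 else []
        if (len(kids) == 2 and kids[1][0] == 0x03 and len(alg) == 2
                and buf[alg[0][1]:alg[0][2]] == EC_PUBKEY_OID):
            key = buf[kids[1][1] + 1:kids[1][2]]    # skip the unused-bits count byte
            found.append((PARAM_FORMS.get(alg[1][0], "other"),
                          POINT_FORMS.get(key[0] if key else None, "other")))
        else:
            found += ec_findings(buf, vs, ve, depth + 1)
    return found

def sample_spki(params, point):     # constructed input (< 128 bytes), not a real key
    der = lambda tag, body: bytes([tag, len(body)]) + body
    return der(0x30, der(0x30, der(0x06, EC_PUBKEY_OID) + params) + der(0x03, b"\x00" + point))
```

An empty result means no EC key was found; a `ValueError` means the input is not well-formed DER and should be rejected rather than parsed further.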

