Skip to content

Security: Lacking a check for the return value of EC_KEY_set_private_key() #76

Closed
@UVScan

Description

Affected components

affected source code file: tools/fwinfogen.c

Attack vector(s)

Lacking a check for the return value of EC_KEY_set_private_key.
EC_KEY_set_private_key() returns 1 on success or 0 on error except when the priv_key argument is NULL, in that case it returns 0, for legacy compatibility, and should not be treated as an error.

Suggested description of the vulnerability for use in the CVE

DoS vulnerability in sign_pFwInfo() function in Samsung Electronics mTower v0.3.0 (and earlier) due to a missing check on the return value of EC_KEY_set_private_key.

Discoverer(s)/Credits

UVScan

Reference(s)

https://www.openssl.org/docs/manmaster/man3/EC_KEY_set_private_key.html

EC_KEY_set_private_key(eckey, d);

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions