Lacking a check for the return value of EC_KEY_set_private_key.
EC_KEY_set_private_key() returns 1 on success or 0 on error except when the priv_key argument is NULL, in that case it returns 0, for legacy compatibility, and should not be treated as an error.
Suggested description of the vulnerability for use in the CVE
DoS vulnerability in sign_pFwInfo() function in Samsung Electronics mTower v0.3.0 (and earlier) due to a missing check on the return value of EC_KEY_set_private_key.
Affected components
affected source code file: tools/fwinfogen.c
Attack vector(s)
Lacking a check for the return value of EC_KEY_set_private_key.
EC_KEY_set_private_key() returns 1 on success or 0 on error except when the priv_key argument is NULL, in that case it returns 0, for legacy compatibility, and should not be treated as an error.
Suggested description of the vulnerability for use in the CVE
DoS vulnerability in sign_pFwInfo() function in Samsung Electronics mTower v0.3.0 (and earlier) due to a missing check on the return value of EC_KEY_set_private_key.
Discoverer(s)/Credits
UVScan
Reference(s)
https://www.openssl.org/docs/manmaster/man3/EC_KEY_set_private_key.html
mTower/tools/fwinfogen.c
Line 193 in 18f4b59
The text was updated successfully, but these errors were encountered: