Closed
Description
Affected components
affected source code file: tools/fwinfogen.c
Attack vector(s)
Lacking a check for the return value of EC_KEY_set_private_key.
EC_KEY_set_private_key() returns 1 on success or 0 on error except when the priv_key argument is NULL, in that case it returns 0, for legacy compatibility, and should not be treated as an error.
Suggested description of the vulnerability for use in the CVE
DoS vulnerability in sign_pFwInfo() function in Samsung Electronics mTower v0.3.0 (and earlier) due to a missing check on the return value of EC_KEY_set_private_key.
Discoverer(s)/Credits
UVScan
Reference(s)
https://www.openssl.org/docs/manmaster/man3/EC_KEY_set_private_key.html
Line 193 in 18f4b59
Metadata
Assignees
Labels
No labels