CVE-2020-6829 - When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; wh

CVE-2020-6829

Summary

When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.

References

Vulnerable Configurations

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*
cpe:2.3:a:mozilla:firefox:14.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:14.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:15.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:15.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:16.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:16.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:17.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:18.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:18.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:19.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:21.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:21.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:22.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:22.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:24.1:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:24.1:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:25.0:*:*:*:*:-:*:*
cpe:2.3:a:mozilla:firefox:25.0:*:*:*:*:-:*:*

CVSS

Base:	5.0 (as of 20-02-2023 - 17:15)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

bugzilla

id	1870885
title	KDF-self-tests-induced changes for nss in RHEL 7.9

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment nspr is earlier than 0:4.25.0-2.el7_9
oval oval:com.redhat.rhsa:tst:20204076001
comment nspr is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364002
AND
comment nspr-devel is earlier than 0:4.25.0-2.el7_9
oval oval:com.redhat.rhsa:tst:20204076003
comment nspr-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364004
AND
comment nss-util is earlier than 0:3.53.1-1.el7_9
oval oval:com.redhat.rhsa:tst:20204076005
comment nss-util is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364016

AND

comment nss-util-devel is earlier than 0:3.53.1-1.el7_9
oval oval:com.redhat.rhsa:tst:20204076007
comment nss-util-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364018

AND
comment nss is earlier than 0:3.53.1-3.el7_9
oval oval:com.redhat.rhsa:tst:20204076009
comment nss is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364006
AND
comment nss-devel is earlier than 0:3.53.1-3.el7_9
oval oval:com.redhat.rhsa:tst:20204076011
comment nss-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364008

AND

comment nss-pkcs11-devel is earlier than 0:3.53.1-3.el7_9
oval oval:com.redhat.rhsa:tst:20204076013
comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364010

AND
comment nss-sysinit is earlier than 0:3.53.1-3.el7_9
oval oval:com.redhat.rhsa:tst:20204076015
comment nss-sysinit is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364012
AND
comment nss-tools is earlier than 0:3.53.1-3.el7_9
oval oval:com.redhat.rhsa:tst:20204076017
comment nss-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364014
AND
comment nss-softokn is earlier than 0:3.53.1-6.el7_9
oval oval:com.redhat.rhsa:tst:20204076019
comment nss-softokn is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364020

AND

comment nss-softokn-devel is earlier than 0:3.53.1-6.el7_9
oval oval:com.redhat.rhsa:tst:20204076021
comment nss-softokn-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364022

AND

comment nss-softokn-freebl is earlier than 0:3.53.1-6.el7_9
oval oval:com.redhat.rhsa:tst:20204076023
comment nss-softokn-freebl is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364024

AND

comment nss-softokn-freebl-devel is earlier than 0:3.53.1-6.el7_9
oval oval:com.redhat.rhsa:tst:20204076025
comment nss-softokn-freebl-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364026

rhsa

id	RHSA-2020:4076
released	2020-09-29
severity	Moderate
title	RHSA-2020:4076: nss and nspr security, bug fix, and enhancement update (Moderate)

rpms

nspr-0:4.25.0-2.el7_9
nspr-debuginfo-0:4.25.0-2.el7_9
nspr-devel-0:4.25.0-2.el7_9
nss-0:3.53.1-3.el7_9
nss-debuginfo-0:3.53.1-3.el7_9
nss-devel-0:3.53.1-3.el7_9
nss-pkcs11-devel-0:3.53.1-3.el7_9
nss-softokn-0:3.53.1-6.el7_9
nss-softokn-debuginfo-0:3.53.1-6.el7_9
nss-softokn-devel-0:3.53.1-6.el7_9
nss-softokn-freebl-0:3.53.1-6.el7_9
nss-softokn-freebl-devel-0:3.53.1-6.el7_9
nss-sysinit-0:3.53.1-3.el7_9
nss-tools-0:3.53.1-3.el7_9
nss-util-0:3.53.1-1.el7_9
nss-util-debuginfo-0:3.53.1-1.el7_9
nss-util-devel-0:3.53.1-1.el7_9

refmap via4

misc

Last major update

20-02-2023 - 17:15

Published

28-10-2020 - 12:15

Last modified

20-02-2023 - 17:15