CVE-2021-43398

04.11.2021, 21:15

Crypto++ (aka Cryptopp) 8.6.0 and earlier contains a timing leakage in MakePublicKey(). There is a clear correlation between execution time and private key length, which may cause disclosure of the length information of the private key. This might allow attackers to conduct timing attacks. NOTE: this report is disputed by the vendor and multiple third parties. The execution-time differences are intentional. A user may make a choice of a longer key as a tradeoff between strength and performance. In making this choice, the amount of information leaked to an adversary is of infinitesimal value

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 64%

Vendor	Product	Version
cryptopp	crypto\+\+	𝑥 ≤ 8.6.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

libcrypto++

noble	not-affected
mantic	ignored
lunar	ignored
kinetic	ignored
jammy	not-affected
impish	ignored
hirsute	ignored
focal	not-affected
bionic	not-affected
xenial	not-affected
trusty	not-affected

Known Exploits!

Common Weakness Enumeration

CWE-203 - Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

References

https://cryptopp.com

https://github.com/weidai11/cryptopp/issues/1080

https://github.com/weidai11/cryptopp/issues/1080#issuecomment-996492222

https://cryptopp.com

https://github.com/weidai11/cryptopp/issues/1080

https://github.com/weidai11/cryptopp/issues/1080#issuecomment-996492222