Your submission was sent successfully! Close

CVE-2007-6755

Published: 11 October 2013

The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.

Notes

AuthorNote
seth-arnold
Dual_EC_DRBG has been under suspicion long enough that I suspect
none of our libraries use it by default, though some may make it available
for legacy compatability. It might be worthwhile to remove it entirely, so
that unsafe mechanisms aren't available to provide a false sense of safety.
mdeslaur
openssl only seems to have Dual_EC_DRBG in the fips module, not
in the regular source.
Priority

Low

Status

Package Release Status
bouncycastle
Launchpad, Ubuntu, Debian
artful Not vulnerable
(code not present)
bionic Not vulnerable
(code not present)
cosmic Not vulnerable
(code not present)
lucid Ignored
(reached end-of-life)
precise Does not exist
(precise was needs-triage)
quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Does not exist
(trusty was not-affected [code not present])
upstream Needs triage

utopic Ignored
(reached end-of-life)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Not vulnerable
(code not present)
yakkety Ignored
(reached end-of-life)
zesty Not vulnerable
(code not present)
gnutls26
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

lucid Not vulnerable

precise Not vulnerable

quantal Not vulnerable

raring Not vulnerable

saucy Not vulnerable

trusty Not vulnerable

upstream Needs triage

utopic Not vulnerable

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

gnutls28
Launchpad, Ubuntu, Debian
artful Not vulnerable

bionic Not vulnerable

cosmic Not vulnerable

lucid Does not exist

precise Does not exist
(precise was not-affected)
quantal Not vulnerable

raring Not vulnerable

saucy Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Needs triage

utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable

libgcrypt11
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

lucid Not vulnerable

precise Not vulnerable

quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Not vulnerable

upstream Needs triage

utopic Not vulnerable

vivid Does not exist

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

mbedtls
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable

cosmic Not vulnerable

precise Does not exist

trusty Does not exist

upstream Not vulnerable

vivid Ignored
(reached end-of-life)
wily Does not exist

xenial Not vulnerable

yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)
nss
Launchpad, Ubuntu, Debian
artful Not vulnerable

bionic Not vulnerable

cosmic Not vulnerable

lucid Not vulnerable

precise Not vulnerable

quantal Not vulnerable

raring Not vulnerable

saucy Not vulnerable

trusty Not vulnerable

upstream Needs triage

utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable

openssl
Launchpad, Ubuntu, Debian
artful Not vulnerable

bionic Not vulnerable

cosmic Not vulnerable

lucid Not vulnerable

precise Not vulnerable

quantal Not vulnerable

raring Not vulnerable

saucy Not vulnerable

trusty Not vulnerable

upstream Needs triage

utopic Not vulnerable

vivid Not vulnerable

wily Not vulnerable

xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable

Patches:
upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=a4870de5aaef562c0947494b410a2387f3a6d04d (1.0.1)
openssl098
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

lucid Does not exist

precise Does not exist
(precise was not-affected)
quantal Not vulnerable

raring Not vulnerable

saucy Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Needs triage

utopic Not vulnerable

vivid Not vulnerable

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist

polarssl
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

lucid Ignored
(reached end-of-life)
precise Does not exist
(precise was needs-triage)
quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Does not exist
(trusty was not-affected)
upstream Not vulnerable

utopic Ignored
(reached end-of-life)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Does not exist

yakkety Does not exist

zesty Does not exist

python-crypto
Launchpad, Ubuntu, Debian
artful Not vulnerable

bionic Not vulnerable

cosmic Not vulnerable

lucid Ignored
(reached end-of-life)
precise Not vulnerable

quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty Not vulnerable

upstream Not vulnerable

utopic Ignored
(reached end-of-life)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Not vulnerable

yakkety Not vulnerable

zesty Not vulnerable