CVE-2015-7940

Published: 09 November 2015

The Bouncy Castle Java library before 1.51 does not validate that a point is within the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."

Priority

Low

Status

Package: bouncycastle (Launchpad, Ubuntu, Debian)
Release status:
  Upstream: Released (1.51-1)
  Ubuntu 18.04 LTS (Bionic Beaver): Not vulnerable (1.59-1)
  Ubuntu 16.04 ESM (Xenial Xerus): Not vulnerable (1.51-4ubuntu1)
  Ubuntu 14.04 ESM (Trusty Tahr): Does not exist (trusty was released [1.49+dfsg-2ubuntu0.1])

Patches:
Upstream: https://github.com/bcgit/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83
Upstream: https://github.com/bcgit/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04