CVE-2021-3114

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-3114

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3114.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-3114

Aliases

Downstream

BELL-CVE-2021-3114

DEBIAN-CVE-2021-3114

DLA-2591-1

DLA-2592-1

DSA-4848-1

RHBA-2021:1522

RHSA-2021:0958

RHSA-2021:1006

RHSA-2021:1339

RHSA-2021:1366

RHSA-2021:1551

RHSA-2021:1746

RHSA-2021:2095

RHSA-2021:2437

RHSA-2021:4103

RHSA-2021:4226

RHSA-2022:0308

RLSA-2021:1746

RLSA-2021:4226

SUSE-SU-2021:0222-1

SUSE-SU-2021:0223-1

UBUNTU-CVE-2021-3114

openSUSE-SU-2021:0190-1

openSUSE-SU-2021:0192-1

openSUSE-SU-2021:0194-1

openSUSE-SU-2024:10807-1

openSUSE-SU-2024:10808-1

Related

Published

2021-01-26T18:16:27.567Z

Modified

2026-02-05T08:13:50.482573Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.

References

Affected packages

Git / github.com/golang/go

Affected ranges

Type: GIT
Repo: https://github.com/golang/go
Events: Introduced

0fdc3801bfd43d6f55e4ea5bf095e1ea55430339

Fixed

2117ea9737bc9cb2e30cb087b76a283f68768819

Fixed

ccb4f250bd7e382e50824c36ec5a3e1a57dcf11a

Fixed

d95ca9138026cbe40e0857d76a81a16d03230871

Affected versions

go1.*

go1.15

go1.15.1

go1.15.2

go1.15.3

go1.15.4

go1.15.5

go1.15.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3114.json"