CVE-2023-36327

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-36327

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-36327.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-36327

Published

2023-09-01T16:15:08Z

Modified

2025-10-21T13:20:20.129872Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bngetprime function.

References

Affected packages

Git / github.com/relic-toolkit/relic

Affected ranges

Type: GIT
Repo: https://github.com/relic-toolkit/relic
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

421f2e91cf2ba42473d4d54daf24e295679e290e

Affected versions

0.*

0.6.0

relic-toolkit-0.*

relic-toolkit-0.4.0

relic-toolkit-0.5.0

Database specific

vanir_signatures

[
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "198541175929715158198710043838568319794",
                "219748013954143964858498237208146625470",
                "98731530914174092748226320672181472542",
                "38845636090477406116475567403353319277"
            ]
        },
        "target": {
            "file": "include/relic_bn.h"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-021e3712",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "156253243738575784851652964876728093615",
                "144332720998186384372573746011035442046",
                "16179430887366667933556806564245285973",
                "17455384671793139616432641182472941064",
                "110349309467091730040224459267953843436",
                "221260760224870654452578867925083745398",
                "200602063799490910143497005794063549309",
                "236738401112146690557475938776952109733",
                "288577125418409658335395651022500798073",
                "156023480858223409364024062982506080776",
                "93193126157934946346721265910237954512",
                "32646701537210815139385587008044896245",
                "280251113815244769662684999744241837500",
                "156023480858223409364024062982506080776",
                "93193126157934946346721265910237954512",
                "78482176009135560320090148471617595336",
                "192081864379329503251452417168848750867",
                "244883407288725208092408984535813748741",
                "239832929385000024788208043686996929834",
                "131376359241038670704447598941282008290",
                "28268289052302217789941414164355941570",
                "66339246285478837400857056156974607815",
                "253282315312209988272229218147557353822",
                "297480250703280253902315113368945242742",
                "9355507682214275464943289804227795623",
                "289769448815275762225938236837455281786",
                "251783289678429482516032532500217699196",
                "336722060174354490250142178194234109239",
                "56942020547254620730350025738415718221",
                "147253038976772816813233701881367551837",
                "95389818154431523337342896860202716537",
                "293738030930487941876622340571030623641",
                "7711795496348197922394491608390615209",
                "285155268728512726196562556027964436600",
                "164843136412405031662253197115435012420",
                "296826451489167759707997983488642586568",
                "45016356887887314028498609742839012444",
                "123362228521052588198712941576830110953",
                "56117786691662889913203118683996579783",
                "228325506662951071800381399022821575943",
                "81401767075730113851147061496444438062",
                "71958027150985447729869623335224647507",
                "97871165643144812171922568761286262574",
                "192626699017398888457529508021726055777",
                "106982098782687532941836375964474331592",
                "236649620279620137790933938101933562036",
                "20566125861442655626139775574408182306",
                "73545778378958978892074203117340881477",
                "45855532156775078585433098712790823651",
                "230578921665980595504864099741565858717",
                "86446450507496900370527098108411535092",
                "315881209342262582642674933517420324700",
                "193319608100792384359679986795762198467",
                "207184232652424387812017650725624158074",
                "111056715780215817630876526197387364762",
                "211786412798278087332686929557513489776",
                "313547880442067802614290304887442047689",
                "277223508765908606275827913777905148740",
                "141111455526626614176975115289285544585",
                "133577592327360284247183757702044619267"
            ]
        },
        "target": {
            "file": "test/test_cp.c"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-0724064e",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "242563468774773266375555895667429673314",
                "213495425077931525255417534734761444303",
                "237698865564528360197575492690699899598",
                "115823439270366389961589732934783485513",
                "280034454355597829439323425978743326899",
                "96843488351817931602362974402964297438",
                "329970185964278979282532703512905347662",
                "177770608911297649810356270357568561651",
                "88252879989292249458083166519120746942"
            ]
        },
        "target": {
            "file": "src/bn/relic_bn_prime.c"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-08258857",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "269660226622708624228258327128312303872",
            "length": 1634.0
        },
        "target": {
            "file": "test/test_cp.c",
            "function": "benaloh"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-2d99e141",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "43575137905543784777756221616105262794",
            "length": 103.0
        },
        "target": {
            "file": "src/bn/relic_bn_prime.c",
            "function": "bn_get_prime"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-340b79cf",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "44067792831753975686694892640423407932",
            "length": 2480.0
        },
        "target": {
            "file": "test/test_cp.c",
            "function": "main"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-67f6a2e0",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    },
    {
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "207587998733504629218551119098450578020",
                "10045143565161841965555648962197580364",
                "197406993804099552993174806034831589289",
                "20280989668712731362133881748161777403",
                "69876221775294110759358704826052825881",
                "247962426008312847394603327157739043856",
                "225250546380866163512520204909198202471"
            ]
        },
        "target": {
            "file": "include/relic_label.h"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-7ab51529",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    },
    {
        "signature_type": "Function",
        "digest": {
            "function_hash": "298342101495137059984521799434065336329",
            "length": 4126.0
        },
        "target": {
            "file": "test/test_cp.c",
            "function": "psi"
        },
        "signature_version": "v1",
        "id": "CVE-2023-36327-d3b52fbe",
        "deprecated": false,
        "source": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e"
    }
]