GO-2025-3447

See a problem?
Please try reporting it to the source first.

Source

https://pkg.go.dev/vuln/GO-2025-3447

Import Source

https://vuln.go.dev/ID/GO-2025-3447.json

JSON Data

https://api.osv.dev/v1/vulns/GO-2025-3447

Aliases

Published

2025-02-06T16:38:14Z

Modified

2025-02-08T08:11:54.994992Z

Summary

Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec

Details

Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.

Database specific

{
    "review_status": "REVIEWED",
    "url": "https://pkg.go.dev/vuln/GO-2025-3447"
}

References

Affected packages

Go / stdlib

Package

Name: stdlib; View open source insights on deps.dev
Purl: pkg:golang/stdlib

Affected ranges

Type: SEMVER
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.12

Introduced

1.23.0-0

Fixed

1.23.6

Introduced

1.24.0-0

Fixed

1.24.0-rc.3

Ecosystem specific

{
    "imports": [
        {
            "path": "crypto/internal/nistec",
            "goarch": [
                "ppc64le"
            ],
            "symbols": [
                "P256Point.ScalarBaseMult",
                "P256Point.ScalarMult",
                "P256Point.SetBytes",
                "p256NegCond"
            ]
        }
    ]
}