x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "2.7.1-1ubuntu0.1", "binary_name": "libhogweed2" }, { "binary_version": "2.7.1-1ubuntu0.1", "binary_name": "libnettle4" }, { "binary_version": "2.7.1-1ubuntu0.1", "binary_name": "nettle-bin" }, { "binary_version": "2.7.1-1ubuntu0.1", "binary_name": "nettle-dev" } ] }