A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.
{ "binaries": [ { "binary_version": "3.4.1-0ubuntu0.18.04.1", "binary_name": "libhogweed4" }, { "binary_version": "3.4.1-0ubuntu0.18.04.1", "binary_name": "libhogweed4-dbgsym" }, { "binary_version": "3.4.1-0ubuntu0.18.04.1", "binary_name": "libnettle6" }, { "binary_version": "3.4.1-0ubuntu0.18.04.1", "binary_name": "libnettle6-dbgsym" }, { "binary_version": "3.4.1-0ubuntu0.18.04.1", "binary_name": "nettle-bin" }, { "binary_version": "3.4.1-0ubuntu0.18.04.1", "binary_name": "nettle-bin-dbgsym" }, { "binary_version": "3.4.1-0ubuntu0.18.04.1", "binary_name": "nettle-dev" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_version": "3.5.1+really3.5.1-2ubuntu0.2", "binary_name": "libhogweed5" }, { "binary_version": "3.5.1+really3.5.1-2ubuntu0.2", "binary_name": "libhogweed5-dbgsym" }, { "binary_version": "3.5.1+really3.5.1-2ubuntu0.2", "binary_name": "libnettle7" }, { "binary_version": "3.5.1+really3.5.1-2ubuntu0.2", "binary_name": "libnettle7-dbgsym" }, { "binary_version": "3.5.1+really3.5.1-2ubuntu0.2", "binary_name": "nettle-bin" }, { "binary_version": "3.5.1+really3.5.1-2ubuntu0.2", "binary_name": "nettle-bin-dbgsym" }, { "binary_version": "3.5.1+really3.5.1-2ubuntu0.2", "binary_name": "nettle-dev" } ], "availability": "No subscription required" }