CVE-2019-25003: libsecp256k1 contains side-channel timing attack

August 25, 2021 (updated August 25, 2023)

Versions of libsecp256k1 prior to 0.3.1 did not execute Scalar::check_overflow in constant time. This allows an attacker to potentially leak information via a timing attack. The flaw was corrected by modifying Scalar::check_overflow to execute in constant time.

References

github.com/advisories/GHSA-hrjm-c879-pp86
github.com/paritytech/libsecp256k1
github.com/paritytech/libsecp256k1/commit/11ba23a9766a5079918cd9f515bc100bc8164b50
nvd.nist.gov/vuln/detail/CVE-2019-25003
rustsec.org/advisories/RUSTSEC-2019-0027.html

Code Behaviors & Features

Detect and mitigate CVE-2019-25003 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →