CVE-2019-14853: ecdsa Denial of Service vulnerability in signature verification and signature malleability
(updated )
Code using VerifyingKey.verify() and VerifyingKey.verify_digest() may receive exceptions other than the documented BadSignatureError when signatures are malformed. If those other exceptions are not caught, they may lead to program termination and thus Denial of Service
Code using VerifyingKey.verify() and VerifyingKey.verify_digest() with sigdecode option using ecdsa.util.sigdecode_der will accept signatures even if they are not properly formatted DER. This makes the signatures malleable. It impacts only applications that later sign the signatures or verify signatures of signatures, e.g. Bitcoin.
All versions between 0.5 and 0.13.2 (inclusive) are thought to be vulnerable. Code before 0.5 may be vulnerable but didn’t receive extended analysis to rule this issue out.
References
- bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14853
- github.com/advisories/GHSA-pwfw-mgfj-7g3g
- github.com/pypa/advisory-database/tree/main/vulns/ecdsa/PYSEC-2019-177.yaml
- github.com/warner/python-ecdsa
- github.com/warner/python-ecdsa/releases/tag/python-ecdsa-0.13.3
- github.com/warner/python-ecdsa/security/advisories/GHSA-pwfw-mgfj-7g3g
- nvd.nist.gov/vuln/detail/CVE-2019-14853
- seclists.org/bugtraq/2019/Dec/33
- www.debian.org/security/2019/dsa-4588
Detect and mitigate CVE-2019-14853 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →