Fixed a DoS vulnerability in the gmp plugin that was caused by insufficient input validation when verifying RSA signatures, which requires decryption with the operation m^e mod n, where m is the signature, and e and n are the exponent and modulus of the public key. The value m is an integer between 0 and n-1, however, the gmp plugin did not verify this. So if m equals n the calculation results in 0, in which case mpz_export() returns NULL. This result wasn't handled properly causing a null-pointer dereference.
This vulnerability has been registered as <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-1118" target="_blank" rel="noopener">CVE-2017-1118</a>5.
August 23, 2017 at 7:51 pm
Build has been created