Opened 5 months ago

Closed 5 months ago

#2797 closed defect (fixed)

ElGamalAESEngine: Improper use of cache

Reported by: jogger Owned by: zzz
Priority: minor Milestone: 0.9.49
Component: api/crypto Version: 0.9.48
Keywords: Cc:
Parent Tickets: Sensitive: no

Description

There is use-after-free of preIV in decryptExistingSession().

Subtickets

Change History (2)

comment:1 Changed 5 months ago by zzz

Milestone: undecided0.9.49
Owner: set to zzz
Status: newaccepted

comment:2 Changed 5 months ago by zzz

Component: router/generalapi/crypto
Resolution: fixed
Status: acceptedclosed

Good catch, thanks
In 20b413bc67f5298c7b7a36cc3499401f38764740 to be 0.9.48-6

Note: See TracTickets for help on using tickets.