CVE-2022-23003

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue arises when computing a shared secret or point multiplication on the NIST P-256 curve, resulting in an X coordinate of zero. The output is not properly reduced modulo the P-256 field prime, leading to an invalid result. This may cause errors when used in other operations, potentially allowing an attacker to leverage the issue for a limited denial of service targeting individual users. The impact is confined to applications using the affected library and does not extend to other components.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.