exploitDog

CVE-2026-25793

Published: 06 Feb 2026
Source: redhat
CVSS3: 8.1

Description

Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates (which is not the default configuration), it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability to use a copy of the certificate with a different fingerprint. This issue has been patched in version 1.10.3.

A flaw was found in Nebula, a scalable overlay networking tool. When configured to use P256 certificates, an attacker can exploit Elliptic Curve Digital Signature Algorithm (ECDSA) Signature Malleability. This allows the attacker to create a modified copy of a certificate with a different fingerprint, thereby evading existing blocklist entries. This could lead to unauthorized network access or bypass of security controls.
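The mechanism described above, as an added example that is not part of this advisory or of Nebula's own code: for a P-256 ECDSA signature (r, s), the pair (r, n-s) also verifies, so a fingerprint hashed over the whole signed blob changes while the signed body does not. The body, the blocklist key layout (hash over body || signature) and the function names are constructed assumptions; `isLowS` is the kind of verifier-side check that admits only one encoding per signature, and the page does not state whether Nebula 1.10.3 fixes the issue this way.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/asn1"
	"math/big"
)

// ecdsaSig is the ASN.1 SEQUENCE { r INTEGER, s INTEGER } that ecdsa.SignASN1 emits.
type ecdsaSig struct{ R, S *big.Int }

// fingerprint models a blocklist key (assumption): a hash over the whole signed blob (body || signature).
func fingerprint(body, sig []byte) [32]byte {
	return sha256.Sum256(append(append([]byte{}, body...), sig...))
}

// alternateSig returns the second valid encoding (r, n-s) of a P-256 ECDSA signature.
func alternateSig(der []byte) ([]byte, error) {
	var sig ecdsaSig
	if _, err := asn1.Unmarshal(der, &sig); err != nil { return nil, err }
	n := elliptic.P256().Params().N
	return asn1.Marshal(ecdsaSig{R: sig.R, S: new(big.Int).Sub(n, sig.S)})
}

// isLowS is the verifier-side check: accept only s in [1, n/2], so each signature has one admissible encoding.
func isLowS(der []byte) bool {
	var sig ecdsaSig
	if _, err := asn1.Unmarshal(der, &sig); err != nil { return false }
	halfN := new(big.Int).Rsh(elliptic.P256().Params().N, 1)
	return sig.S.Sign() > 0 && sig.S.Cmp(halfN) <= 0
}

// demo signs a constructed body and reports: both encodings verify (Go's VerifyASN1 does not
// enforce low-s), the two fingerprints differ, and isLowS admits exactly one of the encodings.
func demo() (bothVerify, fpDiffer, oneLowS bool, err error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return }
	body := []byte("constructed certificate body, not a real Nebula certificate")
	digest := sha256.Sum256(body)
	sig1, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil { return }
	sig2, err := alternateSig(sig1)
	if err != nil { return }
	bothVerify = ecdsa.VerifyASN1(&priv.PublicKey, digest[:], sig1) && ecdsa.VerifyASN1(&priv.PublicKey, digest[:], sig2)
	fpDiffer = fingerprint(body, sig1) != fingerprint(body, sig2)
	oneLowS = isLowS(sig1) != isLowS(sig2)
	return
}
```

A blocklist keyed on a hash that covers the signature bytes is therefore only as stable as the verifier's canonicalisation of s; keying on the signed body, or rejecting high-s signatures before fingerprinting, removes the second form.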

Statement

While the flaw is rated as Important, please keep in mind that there are several preconditions that must be true for a customer to be impacted:

  1. They must be using CURVE_P256 certificates (which are not the default).
  2. They must have one or more entries on their blocklist.
  3. The certificates of those blocklisted entries must be signed by a trusted CA and not expired.
  4. An attacker must have a copy of the private key and corresponding certificate for one of those blocklist entries.

Mitigation

Avoid configuring Nebula to use P256 certificates. This vulnerability is only exploitable when P256 certificates are explicitly enabled, as they are not the default configuration. Ensure Nebula deployments utilize default or other non-P256 certificate types to prevent blocklist evasion.

Additional information

Status: Important
Weakness: CWE-347
https://bugzilla.redhat.com/show_bug.cgi?id=2437914
nebula: Nebula: Blocklist evasion via ECDSA Signature Malleability

CVSS3: 8.1 High

Related vulnerabilities

CVSS3: 8.1
nvd
about 2 months ago

github
about 2 months ago

Blocklist Bypass possible via ECDSA Signature Malleability

CVSS3: 8.1 High