Описание
Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.
A flaw was found in jsrsasign. An attacker can exploit an incomplete comparison vulnerability in the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions. By manipulating incorrect comparison checks, an attacker can bias the Digital Signature Algorithm (DSA) nonces during signature generation. This allows the attacker to recover the private key, leading to a critical security compromise.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Migration Toolkit for Virtualization | migration-toolkit-virtualization/mtv-console-plugin-rhel9 | Affected | ||
| Migration Toolkit for Virtualization | mtv-candidate/mtv-console-plugin-rhel9 | Will not fix | ||
| Red Hat Quay 3 | quay/quay-rhel9 | Affected | ||
| Red Hat Quay 3.1 | quay/quay-rhel8 | Fixed | RHSA-2026:6912 | 07.04.2026 |
| Red Hat Quay 3.12 | quay/quay-rhel8 | Fixed | RHSA-2026:6720 | 06.04.2026 |
| Red Hat Quay 3.15 | quay/quay-rhel8 | Fixed | RHSA-2026:6568 | 03.04.2026 |
| Red Hat Quay 3.9 | quay/quay-rhel8 | Fixed | RHSA-2026:6926 | 07.04.2026 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
9.1 Critical
CVSS3
Связанные уязвимости
Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions in src/crypto-1.1.js; an attacker can recover the private key by exploiting the incorrect compareTo checks that accept out-of-range candidates and thus bias DSA nonces during signature generation.
jsrsasign: Incomplete Comparison Allows DSA Private Key Recovery via Biased Nonce Generation
9.1 Critical
CVSS3