   linux.debian.bugs.dist   
   Salvatore Bonaccorso to All   
   Bug#1127926: python-cryptography: CVE-20   
   14 Feb 26 14:00:02   
   
   From: carnil@debian.org   
      
   Source: python-cryptography   
   Version: 46.0.1-1   
   Severity: important   
   Tags: security upstream   
   X-Debbugs-Cc: carnil@debian.org, Debian Security Team    
      
   Hi,   
      
   The following vulnerability was published for python-cryptography.   
      
   CVE-2026-26007[0]:   
   | cryptography is a package designed to expose cryptographic   
   | primitives and recipes to Python developers. Prior to 46.0.5, the   
   | public_key_from_numbers (or   
   | EllipticCurvePublicNumbers.public_key()),   
   | EllipticCurvePublicNumbers.public_key(), load_der_public_key() and   
   | load_pem_public_key() functions do not verify that the point belongs   
   | to the expected prime-order subgroup of the curve. This missing   
   | validation allows an attacker to provide a public key point P from a   
   | small-order subgroup. This can lead to security issues in various   
   | situations, such as the most commonly used signature verification   
   | (ECDSA) and shared key negotiation (ECDH). When the victim computes   
   | the shared secret as S = [victim_private_key]P via ECDH, this leaks   
   | information about victim_private_key mod (small_subgroup_order). For   
   | curves with cofactor > 1, this reveals the least significant bits of   
   | the private key. When these weak public keys are used in ECDSA,   
   | it's easy to forge signatures on the small subgroup. Only SECT   
   | curves are impacted by this. This vulnerability is fixed in 46.0.5.   
      
      
   If you fix the vulnerability please also make sure to include the   
   CVE (Common Vulnerabilities & Exposures) id in your changelog entry.   
      
   For further information see:   
      
   [0] https://security-tracker.debian.org/tracker/CVE-2026-26007   
       https://www.cve.org/CVERecord?id=CVE-2026-26007   
   [1] https://github.com/pyca/cryptography/security/advisories/GHS   
   -r6ph-v2qm-q3c2   
   [2] https://github.com/pyca/cryptography/commit/0eebb9dbb6343d9b   
   1d91e5a2482ed4e054a6d8c   
      
   Please adjust the affected versions in the BTS as needed.   
      
   Regards,   
   Salvatore   
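
The missing check described in the CVE text, shown as an added example (not code from the advisory, from pyca/cryptography or from the Debian report). It assumes a constructed toy curve over GF(23) with cofactor 4 in place of a real SECT binary curve; the group-theoretic check, [n]P = infinity, is the same. All function and constant names are hypothetical.

```python
# Added example: toy curve y^2 = x^3 + x + 1 over GF(23) (constructed values).
# Its group is cyclic of order 28 = 4 * 7: prime-order subgroup n = 7, cofactor 4.
P_MOD, A, B = 23, 1, 1
N_SUB, COFACTOR = 7, 4
INF = None                  # point at infinity
IN_SUBGROUP = (13, 16)      # order 7: a legitimate public point
ORDER_4 = (11, 3)           # order 4: on the curve, outside the subgroup

def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0

def add(p, q):
    if p is INF:
        return q
    if q is INF:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF          # p == -q (also covers doubling a point with y == 0)
    if p == q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P_MOD, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def mul(k, pt):
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def load_point(pt, check_subgroup):
    """Accept a peer public point; optionally enforce [n]P == infinity."""
    if pt is INF or not on_curve(pt):
        raise ValueError("invalid point")
    if check_subgroup and mul(N_SUB, pt) is not INF:
        raise ValueError("point is not in the prime-order subgroup")
    return pt

def ecdh(private_key, peer_pt, check_subgroup):
    return mul(private_key, load_point(peer_pt, check_subgroup))

def residue_revealed(shared, small_pt, order):
    """Value of private_key mod order that is consistent with the shared point."""
    return next(r for r in range(order) if mul(r, small_pt) == shared)
```

With `check_subgroup=False` the on-curve test alone accepts `ORDER_4`, and the resulting shared point determines the private key modulo 4; with `check_subgroup=True` the same input raises `ValueError` before any scalar multiplication with the private key takes place.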
      