libgcrypt P256 signature malleability via weak DER enforcement
Sam James
sam at gentoo.org
Wed Jan 14 23:43:33 CET 2026
Jake Ginesin via Gnupg-devel <gnupg-devel at gnupg.org> writes:
> Thank you for your response, and thank you for upstreaming this issue to libksba.
>
> May I be granted a GNU bugtracker account, such that I may participate in the ticket thread? I would like to emphasize
> the security impact of this issue, as an attacker may very trivially mutate signatures without affecting validity. In
> addition to the CVEs previously mentioned, CVE-2019-14859 and BIP-66 also report on the same issue in other libraries.
As a casual observer, is there a reason you submitted this publicly, and
not via https://gnupg.org/documentation/security.html?

I'm a bit surprised to have seen it publicly and also found it strange
someone else did something similar recently on the libgcrypt mailing list.