Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 760333 (CVE-2020-16042)

Summary: [Tracker] Operations on a BigInt could have caused uninitialized memory to be exposed (CVE-2020-16042)
Product: Gentoo Security Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: crabbedhaloablution
Priority: Normal Keywords: Tracker
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 758368, 759097    
Bug Blocks:    

Description Thomas Deutschmann (RETIRED) gentoo-dev 2020-12-16 18:42:16 UTC 
When a BigInt was right-shifted the backing store was not properly cleared, allowing uninitialized memory to be read.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-12-23 21:30:50 UTC 
No dependencies left.