DEBIAN-CVE-2016-1000340

DEBIAN-CVE-2016-1000340 PUBLISHED CVSS 7.5 HIGH

In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers.

Risk Scores

CVSS v3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products

Vendor	Product	Versions
Debian:14	bouncycastle	0, 0, 0
Debian:11	bouncycastle	0, 0, 0
Debian:12	bouncycastle	0, 0, 0
Debian:13	bouncycastle	0, 0, 0

Exploit Intelligence

releasenotes.html (github-poc)

Timeline

Jun 4, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2016-1000340 advisory

Open in Interactive Console →