Candidate: CVE-2020-26939
PublicDate: 2020-11-02 22:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26939
 https://github.com/bcgit/bc-java/wiki/CVE-2020-26939
 https://github.com/bcgit/bc-java/commit/930f8b274c4f1f3a46e68b5441f1e7fadb57e8c1 (r1rv61)
Description:
 In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2,
 attackers can obtain sensitive information about a private exponent because
 of Observable Differences in Behavior to Error Inputs. This occurs in
 org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext
 that decrypts to a short payload in the OAEP Decoder could result in the
 throwing of an early exception, potentially leaking some information about
 the private exponent of the RSA private key performing the encryption.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N [5.3 MEDIUM]


Patches_bouncycastle:
upstream_bouncycastle: released (1.61-1)
precise/esm_bouncycastle: DNE
trusty_bouncycastle: ignored (out of standard support)
trusty/esm_bouncycastle: DNE
xenial_bouncycastle: ignored (end of standard support, was needs-triage)
bionic_bouncycastle: needs-triage
focal_bouncycastle: not-affected (1.61-1)
groovy_bouncycastle: not-affected
hirsute_bouncycastle: not-affected
impish_bouncycastle: not-affected
jammy_bouncycastle: not-affected
devel_bouncycastle: not-affected