5.9

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-g753-jx37-7xwh

EPSS Score

CWE

CWE-362

Published

6/30/2020

Updated

1/9/2023

KEV Status

Technology

JavaScript

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-g753-jx37-7xwh

GHSA-g753-jx37-7xwh: ECDSA signature vulnerability of Minerva timing attack in jsrsasign

Impact

ECDSA side-channel attack named Minerava have been found and it was found that it affects to jsrsasign.

Execution time of thousands signature generation have been observed then EC private key which is scalar value may be recovered since point and scalar multiplication time depends on bits of scalar. In jsrsasign 8.0.13 or later, execution time of EC point and scalar multiplication is almost constant and fixed for the issue.

Minerva is one of timing attack or side channel attack for EC.
If you don't use ECDSA class, you are not affected the vulnerability.
The vulnerability is that attacker may guess private key by checking processing time of EC key generation or ECDSA signing.
The cause issue is that point multiplication processing time in ECDSA signing is depends on private key value.
After 8.0.13, processing time of point multiplication in ECDSA signing have become constant for key value in theory.

Patches

Users using ECDSA signature generation should upgrade to 8.0.13 or later.

Workarounds

There is no workarounds in jsrsasign. Update jsrsasign or use other ECDSA library.

ACKNOWLEDGEMENT

Thanks to Jan Jancar @J08nY, Petr Svenda and Vladimir Sedlacek of Masaryk University in Czech Republic to find and report this vulnerability.

References

https://minerva.crocs.fi.muni.cz/ https://www.npmjs.com/advisories/1505 https://github.com/kjur/jsrsasign/issues/411

(GitHub Advisory)

5.9

CVSS Score

3.1

Basic Information

CVE ID

GHSA ID

GHSA-g753-jx37-7xwh

EPSS Score

CWE

CWE-362

Published

6/30/2020

Updated

1/9/2023

KEV Status

Technology

JavaScript

Technical Details

CVSS Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
jsrsasign	npm	>= 4.0.0, < 8.0.13	8.0.13

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from the ECPointFp.multiply method's timing dependency on scalar bit values. The commit diff shows significant changes to this function in ext/ec.js, adding dummy operations to create constant-time execution. The vulnerability documentation specifically mentions point multiplication timing as the root cause, and the patch directly modifies this function to mitigate the Minerva attack by introducing complementary scalar processing to eliminate timing variations.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

### Imp**t ***S* si**-***nn*l *tt**k n*m** [Min*r*v*](*ttps://min*rv*.*ro*s.*i.muni.*z/) **v* ***n *oun* *n* it w*s *oun* t**t it *****ts to jsrs*si*n. *x**ution tim* o* t*ous*n*s si*n*tur* **n*r*tion **v* ***n o*s*rv** t**n ** priv*t* k*y w*i** is

Reasoning

T** vuln*r**ility st*ms *rom t** `**Point*p.multiply` m*t*o*'s timin* **p*n**n*y on s**l*r *it v*lu*s. T** *ommit *i** s*ows si*ni*i**nt ***n**s to t*is *un*tion in `*xt/**.js`, ***in* *ummy op*r*tions to *r**t* *onst*nt-tim* *x**ution. T** vuln*r**i

5.9

Basic Information

Concerned about an active attack path?

GHSA-g753-jx37-7xwh: ECDSA signature vulnerability of Minerva timing attack in jsrsasign

Impact

Patches

Workarounds

ACKNOWLEDGEMENT

References

5.9

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI