
PEACH
Un cadre d’isolation des locataires
CVE-2026-14570 is a cryptographic weakness in the Perl module Crypt::DSA (versions before 1.22) where DSA signing nonces and private keys are drawn from a biased random number generator, enabling private-key recovery via lattice attack. The vulnerability was disclosed on July 5, 2026, by Timothy Legge via the oss-security mailing list and assigned by CPANSec. Affected software is Crypt-DSA by TIMLEGGE, all versions prior to 1.22. No CVSS score has been formally assigned at time of publication; the vulnerability is estimated as Medium severity (GitHub Advisory, oss-security).
The root cause is classified as CWE-330 (Use of Insufficiently Random Values). The function Crypt::DSA::Util::makerandom forces the high bit of every returned value to 1 in order to produce an exactly N-bit integer suitable for prime search; however, both the DSA signing nonce (k) and the private key (x) are drawn from this same biased generator (oss-security). Because the top bit is always set, the output distribution is non-uniform — effectively halving the keyspace — which is a well-known precondition for lattice-based private key recovery attacks (e.g., Hidden Number Problem). An attacker needs only a modest number of signatures produced under the affected key, along with the corresponding public key, to mount the attack; no privileged access or interaction with the victim beyond collecting public signatures is required (GitHub Advisory). The fix in version 1.22 replaces makerandom with Crypt::DSA::Util::randombelow, which uses rejection sampling to produce uniformly distributed values with no forced high bit (oss-security).
Successful exploitation allows an unauthenticated attacker who has collected a modest number of DSA signatures (and the corresponding public key) to fully recover the private key, enabling complete impersonation of the key holder and arbitrary forgery of signatures (GitHub Advisory). This constitutes a critical confidentiality and integrity impact: any data or communications authenticated with the compromised key can no longer be trusted, and the attacker can sign arbitrary content as the legitimate key owner. All keys generated or used for signing with affected versions of Crypt::DSA (before 1.22) must be considered permanently compromised (oss-security).
Crypt::DSA versions before 1.22 by examining the software stack of the signing party or inferring from signature patterns.Upgrade Crypt::DSA to version 1.22 or later, which replaces the biased makerandom function with randombelow (rejection sampling), producing uniformly distributed nonces and private keys (oss-security). Any DSA keys generated or used for signing with versions prior to 1.22 must be treated as compromised: revoke them immediately, generate new keys using the patched version, and redistribute updated public keys to all relying parties. Note that Crypt::DSA was deprecated as of version 1.20; users should evaluate migrating to a maintained cryptographic library. Review all signatures created with affected keys for potential forgery (GitHub Advisory).
The vulnerability was disclosed by Timothy Legge (the module maintainer) directly to the oss-security mailing list and CVE Announce on July 4–5, 2026, with a clear description and patch (oss-security). The advisory notes that Crypt::DSA was already deprecated in version 1.20, reinforcing the recommendation to migrate away from the module entirely. Community aggregators including Vulners, VulDB, and INCIBE picked up the advisory shortly after publication, and a brief mention appeared on Bluesky infosec feeds, but no significant broader media coverage or notable researcher commentary has been observed beyond the initial disclosure.
Source: Ce rapport a été généré à l’aide de l’IA
Évaluation gratuite des vulnérabilités
Évaluez vos pratiques de sécurité cloud dans 9 domaines de sécurité pour évaluer votre niveau de risque et identifier les failles dans vos défenses.
Obtenez une démo personnalisée
"La meilleure expérience utilisateur que j’ai jamais vue, offre une visibilité totale sur les workloads cloud."
"Wiz fournit une interface unique pour voir ce qui se passe dans nos environnements cloud."
"Nous savons que si Wiz identifie quelque chose comme critique, c’est qu’il l’est réellement."