CVE-2023-50980: 
Linux Debian vulnerability analysis and mitigation

Crypto++ (also known as cryptopp) through version 8.9.0 contains a vulnerability in the gf2n.cpp file that allows attackers to cause a denial of service (DoS) through application crashes. The vulnerability is triggered when processing DER public-key data for an F(2^m) curve where the degree of each term in the polynomial is not strictly decreasing (NVD).

The vulnerability exists in the EC2N::DecodePoint function when parsing DER public key files of the F(2^m) class curves. The issue occurs because there is no validation to ensure that the degree of each term in the polynomial maintains a strictly decreasing order. For example, with curve sect193r1 using polynomial f(x) = x^193 + x^15 + 1, if an attacker reverses the order of the exponents in the ASN.1 format, it triggers a segmentation fault in the GF2NT::Reduced function. The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (High) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (GitHub Issue, NVD).

When exploited, this vulnerability can lead to denial of service through application crashes. The impact is particularly significant when the affected code is processing ECDSA operations, as any user or server attempting to read a malformed public key file could be susceptible to a DoS attack (GitHub Issue).

A fix has been implemented that includes checking whether the coefficients of the polynomial satisfy strict decreasing order. The patch addresses both the entry point that triggers the issue and the underlying cause of the segmentation fault in the GF2NT::Reduced function (GitHub Issue).