MNBSD-2026-43: timing side-channel in ECDSA signature computation

Severity: Unknown

Affected Package: openssl

Summary: timing side-channel in ECDSA signature computation

Description

A timing signal of around 300 nanoseconds occurs when the top word of the inverted ECDSA nonce value is zero, which can happen with significant probability for some curves (notably NIST P-521). A local or low-latency network attacker may be able to recover private key information. Severity: Low (OpenSSL).

Affected Versions

openssl

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2024-13176

Published: June 11, 2026
Last Modified: June 11, 2026