Bc Lts
Monthly
Out-of-bounds write in Bouncy Castle BC-LTS bcprov-lts8on affects ARM deployments running versions 2.73.0 through 2.73.12.0, with high confidentiality impact if successfully exploited. The flaw resides in ARM-specific native C implementations of SHA3 and SHAKE algorithms and is only triggered when an application accepts memoable SHA3/SHAKE cryptographic states from potentially untrusted external sources. No public exploit code exists and no active exploitation has been confirmed at time of analysis; the CVSS 4.0 score of 1.7 reflects the very narrow exploitation conditions required to reach this code path.
Out-of-bounds write in Bouncy Castle BC-LTS bcprov-lts8on affects ARM deployments running versions 2.73.0 through 2.73.12.0, with high confidentiality impact if successfully exploited. The flaw resides in ARM-specific native C implementations of SHA3 and SHAKE algorithms and is only triggered when an application accepts memoable SHA3/SHAKE cryptographic states from potentially untrusted external sources. No public exploit code exists and no active exploitation has been confirmed at time of analysis; the CVSS 4.0 score of 1.7 reflects the very narrow exploitation conditions required to reach this code path.