CVE-2026-22700— RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-22700
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RustCrypto Has Insufficient Length Validation in decrypt() in SM2-PKE
Source: NVD (National Vulnerability Database)
Vulnerability Description
RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography (ECC) support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a denial-of-service vulnerability exists in the SM2 public-key encryption (PKE) implementation: the decrypt() path performs unchecked slice::split_at operations on input buffers derived from untrusted ciphertext. An attacker can submit short/undersized ciphertext or carefully-crafted DER-encoded structures to trigger bounds-check panics (Rust unwinding) which crash the calling thread or process. This issue has been patched via commit e60e991.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
输入验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
RustCrypto: Elliptic Curves 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
RustCrypto: Elliptic Curves是Rust Crypto开源的一个Rust加密库。 RustCrypto: Elliptic Curves 0.14.0-pre.0版本和0.14.0-rc.0版本存在输入验证错误漏洞,该漏洞源于SM2公钥加密实现中对源自不受信任密文的输入缓冲区执行未检查的切片分割操作,可能导致拒绝服务攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| RustCrypto | elliptic-curves | = 0.14.0-pre.0 | - |
II. Public POCs for CVE-2026-22700
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-22700
请登录查看更多情报信息。
Same Patch Batch · RustCrypto · 2026-01-10 · 4 CVEs total
| CVE-2026-22699 | 7.5 HIGH | RustCrypto SM2-PKE has Unchecked AffinePoint Decoding (unwrap) in decrypt() |
| CVE-2026-22705 | 6.4 MEDIUM | RustCrypto: Signatures has timing side-channel in ML-DSA decomposition |
| CVE-2026-22698 | RustCrypto SM2-PKE has 32-bit Biased Nonce Vulnerability |
IV. Related Vulnerabilities
Same vendor: RustCrypto
- CVE-2026-24850
ML-DSA Signature Verification Accepts Signatures with Repeat - CVE-2026-23519
RustCrypto cmov: thumbv6m-none-eabi compiler emits non-const - CVE-2026-22705
RustCrypto: Signatures has timing side-channel in ML-DSA dec - CVE-2026-22699
RustCrypto SM2-PKE has Unchecked AffinePoint Decoding (unwra - CVE-2026-22698
RustCrypto SM2-PKE has 32-bit Biased Nonce Vulnerability
Same weakness: CWE-20
V. Comments for CVE-2026-22700
No comments yet