{"id":61441,"date":"2026-06-09T16:11:36","date_gmt":"2026-06-09T16:11:36","guid":{"rendered":"https:\/\/zero.redgem.net\/?p=61441"},"modified":"2026-06-09T16:11:36","modified_gmt":"2026-06-09T16:11:36","slug":"ffc-dh-peer-validation-uses-attacker-supplied-q","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=61441","title":{"rendered":"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770"},"content":{"rendered":"

{“lastseen”:””,”description”:”Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)\\npeer key, the peer key is not properly checked for the subgroup membership.\\n\\nImpact summary: A malicious peer which presents an X9.42 key carrying the\\nvictim’s p and g parameters, a forged q = r (a small prime factor of the\\ncofactor (p\u22121)\/q_local), and a public value Y of order r can recover the\\nvictim’s private key after a small number of key exchange attempts.\\n\\nWhen EVP_PKEY_derive_set_peer() is called with a DHX (X9.42) peer key, the\\nsubgroup membership check Y^q \u2261 1 (mod p) is performed using the peer’s\\nown q parameter, not the local key’s q. The peer’s domain parameters are\\nthen matched against the domain parameters of the private key, but the value\\nof q is not compared.\\n\\nA malicious peer who presents an X9.42 key carrying the victim’s p, g,\\na forged q = r (a small prime factor of the cofactor), and a public\\nvalue Y of order r passes all checks. The shared secret then takes only\\nr distinct values, leaking priv mod r. Repeating for each small-prime\\nfactor of the cofactor and combining via CRT recovers the full private\\nkey (Lim\u2013Lee \/ small-subgroup-confinement attack).\\n\\nThe realistic attack surface is narrow: principally CMP deployments with\\nlong-lived RA\/CA DHX keys and bespoke enterprise or government applications\\nusing X9.42 DHX static keys with interactive protocols and therefore this\\nissue was assigned Low severity.\\n\\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are affected by this\\nissue.”,”published”:”2026-06-09T16:03:29.802Z”,”modified”:”2026-06-09T19:35:28.505Z”,”type”:”cve”,”title”:”FFC-DH Peer Validation Uses Attacker-Supplied q”,”source”:”openssl”,”references”:”https:\/\/openssl-library.org\/news\/secadv\/20260609.txt\\nhttps:\/\/github.com\/openssl\/security\/commit\/3da5a516cd2635a320ff748503db2cef7c4b0f02\\nhttps:\/\/github.com\/openssl\/security\/commit\/3ddbb7ab50bd93dfc59cbe08e269a67605aeebdb\\nhttps:\/\/github.com\/openssl\/security\/commit\/ca2237ab5615641b662183b077f62c08d75e8070\\nhttps:\/\/github.com\/openssl\/security\/commit\/5f452bba2c681423d8fcffd120a19b757ee42e3c\\nhttps:\/\/github.com\/openssl\/security\/commit\/7fbfde7677ed8808828bf00ff01c937ca04bdda2″,”id”:”CVE-2026-42770″,”bulletinFamily”:””,”cwe”:[“CWE-325″],”cvelist”:null,”sourceData”:”OpenSSL OpenSSL 4.0.0\\nOpenSSL OpenSSL 3.6.0\\nOpenSSL OpenSSL 3.5.0\\nOpenSSL OpenSSL 3.4.0\\nOpenSSL OpenSSL 3.0.0″,”sourceHref”:””,”cvss”:{“score”:3.7,”severity”:”LOW”,”vector”:”CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:L\/I:N\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”OpenSSL”,”version”:”4.0.0″,”vendor”:”OpenSSL”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:””,”description”:”Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)\\npeer key, the peer key is not properly checked for the subgroup membership.\\n\\nImpact summary: A malicious…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,145,12,71,13,7,11,5],"class_list":["post-61441","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-37","tag-exploit","tag-low","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nFFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=61441\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:””,”description”:”Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)npeer key, the peer key is not properly checked for the subgroup membership.nnImpact summary: A malicious...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=61441\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-09T16:11:36+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=61441#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=61441\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770\",\"datePublished\":\"2026-06-09T16:11:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=61441\"},\"wordCount\":469,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-3.7\",\"exploit\",\"LOW\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=61441#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=61441\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=61441\",\"name\":\"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-06-09T16:11:36+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=61441#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=61441\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=61441#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=61441","og_locale":"en_US","og_type":"article","og_title":"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770 - zero redgem","og_description":"{“lastseen”:””,”description”:”Issue summary: When EVP_PKEY_derive_set_peer() is called with a DHX (X9.42)npeer key, the peer key is not properly checked for the subgroup membership.nnImpact summary: A malicious...","og_url":"https:\/\/zero.redgem.net\/?p=61441","og_site_name":"zero redgem","article_published_time":"2026-06-09T16:11:36+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=61441#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=61441"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770","datePublished":"2026-06-09T16:11:36+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=61441"},"wordCount":469,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-3.7","exploit","LOW","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=61441#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=61441","url":"https:\/\/zero.redgem.net\/?p=61441","name":"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-06-09T16:11:36+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=61441#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=61441"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=61441#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"FFC-DH Peer Validation Uses Attacker-Supplied q_CVE-2026-42770"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/61441","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=61441"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/61441\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=61441"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=61441"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=61441"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}