CVE-2025-59432

描述

### Impact A timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because `Arrays.equals` was used to compare secret values such as client proofs and server signatures. Since `Arrays.equals` performs a short-circuit comparison, the execution time varies depending on how many leading bytes match. This behavior could allow an attacker to perform a timing side-channel attack and potentially infer sensitive authentication material. All users relying on SCRAM authentication are impacted. ### Patches This vulnerability has been patched by replacing `Arrays.equals` with `MessageDigest.isEqual`, which ensures constant-time comparison. Users should upgrade to version **3.2** or later to mitigate this issue. ### Workarounds Because the attack requires high precision and repeated attempts, the risk is limited, but the only reliable mitigation is to upgrade to a patched release (version 3.2 or later). ### References - [Java `MessageDigest.isEqual` Documentation](https://docs.oracle.com/en/java/javase/25/docs/api/java.base/java/security/MessageDigest.html#isEqual(byte[],byte[]))

如何修補 CVE-2025-59432

要修補 CVE-2025-59432,請將受影響套件升級到下列已修補版本。

• —未列出修補版本
• —升級至 3.2 或更新版本

CVE-2025-59432 正在被利用嗎?

低 — EPSS 為 0.1%,目前沒有觀察到大規模利用活動。

受影響套件(2)

• from 0
• from 0, < 3.2

CVSS 分數

參考連結(6)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-59432
• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2025-59432
• PATCHgithub.com/ongres/scram
• WEBdocs.oracle.com/en/java/javase/25/docs/api/java.base/java/security/MessageDigest.html#isEqual(byte%5B%5D,byte%5B%5D)