Bug#1116054: libscram-java: CVE-2025-59432
Salvatore Bonaccorso
carnil at debian.org
Tue Sep 23 16:50:00 BST 2025
Source: libscram-java
Version: 3.1-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,

The following vulnerability was published for libscram-java.

CVE-2025-59432[0]:
| SCRAM (Salted Challenge Response Authentication Mechanism) is part
| of the family of Simple Authentication and Security Layer (SASL, RFC
| 4422) authentication mechanisms. Prior to version 3.2, a timing
| attack vulnerability exists in the SCRAM Java implementation. The
| issue arises because Arrays.equals was used to compare secret values
| such as client proofs and server signatures. Since Arrays.equals
| performs a short-circuit comparison, the execution time varies
| depending on how many leading bytes match. This behavior could allow
| an attacker to perform a timing side-channel attack and potentially
| infer sensitive authentication material. All users relying on SCRAM
| authentication are impacted. This vulnerability has been patched in
| version 3.1 by replacing Arrays.equals with MessageDigest.isEqual,
| which ensures constant-time comparison.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-59432
https://www.cve.org/CVERecord?id=CVE-2025-59432
[1] https://github.com/ongres/scram/security/advisories/GHSA-3wfh-36rx-9537
[2] https://github.com/ongres/scram/commit/e0b0cf99f05406a0d26682c72fcb5728e95124b3
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
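
The comparison change described in the CVE text above, as an added example that is not part of the original message and is not the ongres/scram project's code: a SCRAM server signature check written once with Arrays.equals and once with MessageDigest.isEqual. The class name, method names and sample inputs are hypothetical and constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

// Added illustration; class, method names and sample values are hypothetical.
public class ScramCompareExample {

    // ServerSignature = HMAC(ServerKey, AuthMessage), as defined in RFC 5802.
    static byte[] serverSignature(byte[] serverKey, String authMessage)
            throws GeneralSecurityException {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(serverKey, "HmacSHA256"));
        return mac.doFinal(authMessage.getBytes(StandardCharsets.UTF_8));
    }

    // Before: Arrays.equals returns at the first differing byte, so the
    // running time depends on how many leading bytes match.
    static boolean verifyShortCircuit(byte[] expected, byte[] received) {
        return Arrays.equals(expected, received);
    }

    // After: MessageDigest.isEqual examines every byte regardless of where
    // the first mismatch is.
    static boolean verifyConstantTime(byte[] expected, byte[] received) {
        return MessageDigest.isEqual(expected, received);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample inputs, not taken from a real exchange.
        byte[] serverKey = "constructed-server-key".getBytes(StandardCharsets.UTF_8);
        String authMessage =
                "n=user,r=cnonce,r=cnoncesnonce,s=c2FsdA==,i=4096,c=biws,r=cnoncesnonce";
        byte[] expected = serverSignature(serverKey, authMessage);

        byte[] genuine = expected.clone();
        byte[] lastByteWrong = expected.clone();
        lastByteWrong[lastByteWrong.length - 1] ^= 0x01;
        byte[] firstByteWrong = expected.clone();
        firstByteWrong[0] ^= 0x01;

        // Both methods return the same verdicts; only their timing differs.
        for (byte[] candidate : new byte[][] {genuine, lastByteWrong, firstByteWrong}) {
            System.out.println(verifyShortCircuit(expected, candidate)
                    + " " + verifyConstantTime(expected, candidate));
        }
    }
}
```

When auditing a package for the same pattern, look for Arrays.equals (or a hand-written byte loop with an early return) applied to MACs, proofs, signatures or other secret-derived byte arrays.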