A newly discovered vulnerability in the generation of RSA keys by a software library used in cryptographic smartcards, security tokens and other secure hardware chips manufactured by Infineon Technologies AG allows a practical factorization attack, in which the attacker computes the private part of an RSA key from its public part.
The attack is described in the conference paper The Return of Coppersmith's Attack: Practical Factorization of Widely Used RSA Moduli by Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec and Vashek Matyas which will be disclosed at the ACM conference Nov 2nd.
We should implement a check for weak Infineon keys in our RSA validator. There is already code available which we can use.
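The following is an added example of what such a check looks like; it is not the validator's existing code nor the authors' published detection tool. It relies on the structural property the paper describes: an affected modulus N is congruent to a power of 65537 modulo every small prime p dividing the primorial M used by the key generator, so N mod p must lie in the subgroup of the multiplicative group mod p generated by 65537. The prime list (11 through 167, i.e. the first 39 primes without 2, 3, 5 and 7, which carry no information for an RSA modulus) and the helper names are assumptions made for this example.

```python
# Added example, not the validator's own code: fingerprint test for RSA moduli
# affected by CVE-2017-15361 (weak Infineon RSA key generation).
#
# Property used (from the paper): for an affected key, N mod p is a power of 65537
# modulo p for every small prime p in the generator's primorial M. A random modulus
# satisfies this for all primes only with negligible probability, so the test is a
# reliable fingerprint. It never factors anything; it only flags keys for rejection.

GENERATOR = 65537

# Assumption: primes 11..167. The primes 2, 3, 5 and 7 are skipped because every
# residue an RSA modulus can have modulo them is already a power of 65537.
SMALL_PRIMES = [
    11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79,
    83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157,
    163, 167,
]


def _residues_generated_by(generator, p):
    """Return the set {generator^k mod p : k >= 0}, i.e. the cyclic subgroup
    generated by `generator` in the multiplicative group modulo the prime p."""
    residues = set()
    x = 1
    while x not in residues:
        residues.add(x)
        x = (x * generator) % p
    return residues


# Precomputed once: allowed residues of an affected modulus for each small prime.
_ALLOWED_RESIDUES = {p: _residues_generated_by(GENERATOR, p) for p in SMALL_PRIMES}


def roca_mismatching_primes(n):
    """Primes p for which n mod p is NOT a power of 65537 mod p.
    An empty list means every prime is consistent with the weak-key structure."""
    return [p for p in SMALL_PRIMES if (n % p) not in _ALLOWED_RESIDUES[p]]


def is_roca_fingerprinted(n):
    """True if the modulus n carries the fingerprint of the vulnerable generator.
    A validator should reject such keys."""
    return not roca_mismatching_primes(n)


def fingerprint_false_positive_rate():
    """Probability that a uniformly random modulus (coprime to all listed primes)
    passes the fingerprint by chance: the product of |subgroup| / (p - 1)."""
    rate = 1.0
    for p in SMALL_PRIMES:
        rate *= len(_ALLOWED_RESIDUES[p]) / (p - 1)
    return rate


if __name__ == "__main__":
    # Constructed sample inputs (not real keys):
    # - an integer power of 65537 is, modulo every prime, a power of 65537, so it
    #   exhibits the fingerprint by construction;
    # - 101 * 103 is a toy modulus that does not (e.g. 10403 mod 11 = 8, and the
    #   powers of 65537 mod 11 are only {1, 10}).
    weak_like = pow(GENERATOR, 12)
    ordinary = 101 * 103
    print("weak-like modulus fingerprinted:", is_roca_fingerprinted(weak_like))
    print("ordinary modulus fingerprinted: ", is_roca_fingerprinted(ordinary),
          "mismatches at primes", roca_mismatching_primes(ordinary)[:5])
    print("chance false positive rate: %.3g" % fingerprint_false_positive_rate())
```

In a validator the modulus would be extracted from the certificate or public key (for example with a PEM/DER parser) and passed as an integer to `is_roca_fingerprinted`; a positive result is a reason to reject the key outright, since the paper shows such moduli can be factored in practice.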
The issue has also been discussed on the Mozilla Security Policy mailing list. The CVE number for the vulnerability is CVE-2017-15361.