diff --git a/ChangeLog b/ChangeLog
index e26caed4ac..e657ebeeec 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,12 @@ Security
 characters after the footer could result in the execution of an infinite
 loop. The issue can be triggered remotely. Found by Greg Zaverucha,
 Microsoft.
+ * Fixed a bug that caused freeing a buffer that was allocated on the stack,
+ when verifying the validity of a key on secp224k1. This could be
+ triggered remotely for example with a maliciously constructed certificate
+ and might have led to remote code execution on some exotic embedded
+ platforms. Reported independently by rongsaws and Regina Wilson.
+ CVE-2017-2784
 
 Bugfix
 * Fix output certificate verification flags set by x509_crt_verify_top() when
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index f5afe44b5a..db6ad3ced8 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -1264,7 +1264,7 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs,
 int ret;
 size_t i;
 mpi M, R;
- t_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R];
+ t_uint Mp[P_KOBLITZ_MAX + P_KOBLITZ_R + 1];
 
 if( N->n < p_limbs )
 return( 0 );
@@ -1286,7 +1286,7 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs,
 memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( t_uint ) );
 if( shift != 0 )
 MPI_CHK( mpi_shift_r( &M, shift ) );
- M.n += R.n - adjust; /* Make room for multiplication by R */
+ M.n += R.n; /* Make room for multiplication by R */
 
 /* N = A0 */
 if( mask != 0 )
@@ -1308,7 +1308,7 @@ static inline int ecp_mod_koblitz( mpi *N, t_uint *Rp, size_t p_limbs,
 memcpy( Mp, N->p + p_limbs - adjust, M.n * sizeof( t_uint ) );
 if( shift != 0 )
 MPI_CHK( mpi_shift_r( &M, shift ) );
- M.n += R.n - adjust; /* Make room for multiplication by R */
+ M.n += R.n; /* Make room for multiplication by R */
 
 /* N = A0 */
 if( mask != 0 )
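Review bot: The `+ 1` added to the `Mp` array bound in the first ecp_curves.c hunk carries no explanation, and nothing in `ecp_mod_koblitz` ties the array's capacity to the hand-maintained `M.n` that this same commit changes in the two later hunks, so a future edit to either site cannot tell they must move together. The memcpy into `Mp` and the manual `M.n` updates suggest `M.p` aliases this stack array, in which case any growth of `M` by the bignum routines would presumably hand the stack pointer to the free path — which matches what the ChangeLog entry describes. A comment on the declaration such as `/* M aliases this stack buffer and must never be reallocated: capacity covers p_limbs + R.n limbs, the +1 presumably absorbing the 'adjust' limb no longer subtracted from M.n below */` would record the invariant, and a guard before the multiply that returns an error when `M.n` exceeds `sizeof( Mp ) / sizeof( Mp[0] )` would turn a future sizing slip into a clean failure instead of a bad free. The enclosing function starts and ends outside the hunk.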
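Review bot: The comment `/* Make room for multiplication by R */` on the changed `M.n += R.n;` line in the hunk at line 1286 is left as it was, although the value it annotates is the whole point of the fix, and the identical line is changed again in the hunk at line 1308; this note applies to both. The old `- adjust` under-sized `M` by a limb whenever `adjust` was nonzero, and since `M.n` is bookkept by hand over a stack array, a too-small `M.n` presumably let the following multiply grow `M` and free its stack storage — that reasoning belongs in the code so nobody trims the limb back out. I would write `M.n += R.n; /* Make room for the full product with R: M must never be grown by the mpi code, its storage is the stack array Mp */`. The two stretches at 1286 and 1308 (memcpy, optional shift, resize) are byte-identical, so a small static helper that loads the high limbs into `M` and sizes it for the multiply would have meant applying this fix once. The enclosing function starts and ends outside both hunks.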