Project

General

Profile

Bug #6755

openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055)

Added by Alicha CH over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Start date:
01/27/2017
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Affected versions:
Security IDs:

Description

CVE-2017-3731: Truncated packet could crash via OOB read

If an SSL/TLS server or client is running on a 32-bit host, and a specific
cipher is being used, then a truncated packet can cause that server or client
to perform an out-of-bounds read, usually resulting in a crash.

For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305;
users should upgrade to 1.1.0d

For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have
not disabled that algorithm should update to 1.0.2k

Fixed In Version:

openssl 1.0.2k, openssl 1.1.0d

Reference:

https://www.openssl.org/news/secadv/20170126.txt

CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No
EC algorithms are affected. Analysis suggests that attacks against RSA and DSA
as a result of this defect would be very difficult to perform and are not
believed likely.

Fixed In Version:

openssl 1.0.2k, openssl 1.1.0d

Reference:

https://www.openssl.org/news/secadv/20170126.txt

CVE-2016-7055: Montgomery multiplication may produce incorrect results

There is a carry propagating bug in the Broadwell-specific Montgomery
multiplication procedure that handles input lengths divisible by, but
longer than 256 bits. Analysis suggests that attacks against RSA, DSA
and DH private keys are impossible. This is because the subroutine in
question is not used in operations with the private key itself and an input
of the attacker's direct choice.

Fixed In Version:

openssl 1.0.2k, openssl 1.1.0c

Reference:

https://www.openssl.org/news/secadv/20170126.txt


Subtasks

Bug #6756: [3.5] openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055)Closed

Bug #6757: [3.4] openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055)Closed

Bug #6758: [3.3] openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055)Closed

Bug #6759: [3.2] openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055)Closed

History

#1 Updated by Alicha CH over 2 years ago

  • Project changed from Alpine Security to Alpine Linux
  • Category set to Security
  • Status changed from New to Closed

Also available in: Atom PDF