[3.5] openssl: Multiple issues (CVE-2017-3731, CVE-2017-3732, CVE-2016-7055)
ID: oval:org.secpod.oval:def:1800846 | Date: (C)2018-03-28 (M)2024-01-29 |
Class: PATCH | Family: unix |
CVE-2017-3731: Truncated packet could crash via OOB read

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For OpenSSL 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k.

Fixed in version: openssl 1.0.2k, openssl 1.1.0d

CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.

Fixed in version: openssl 1.0.2k, openssl 1.1.0d

CVE-2016-7055: Montgomery multiplication may produce incorrect results

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than, 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker's direct choice.

Fixed in version: openssl 1.0.2k, openssl 1.1.0c
Platform: |
Alpine Linux 3.5 |