SecurityTracker.com
Category:   Application (VPN)  >   OpenSSL
Vendors:   OpenSSL.org
OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
SecurityTracker Alert ID:  1039727
SecurityTracker URL:  http://securitytracker.com/id/1039727
CVE Reference:   CVE-2017-3736
Date:  Nov 2 2017
Impact:   Disclosure of authentication information
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in OpenSSL. A remote user can obtain potentially sensitive information on the target system in certain cases.

A remote user can exploit a carry propagation flaw in the x86_64 Montgomery squaring function bn_sqrx8x_internal() to potentially determine information about the private key in certain situations.

Processors that support the BMI1, BMI2, and ADX extensions (e.g., Intel Broadwell 5th generation and later, AMD Ryzen) are affected.

EC algorithms are not affected.

The Google OSS-Fuzz project reported this vulnerability.

Impact:   A remote user can potentially determine information about the private key in certain situations.
Solution:   The vendor has issued a fix (1.0.2m, 1.1.0g).

The vendor advisory is available at:

https://www.openssl.org/news/secadv/20171102.txt

Vendor URL:  www.openssl.org/news/secadv/20171102.txt
Cause:   State error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)
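
Added example (not from SecurityTracker or OpenSSL): a shell triage check that combines the two conditions stated above, the BMI1/BMI2/ADX processor extensions and the releases that predate 1.0.2m and 1.1.0g. The function names and verdict strings are assumptions made for this example, and the host lookup assumes Linux's /proc/cpuinfo.

```shell
#!/bin/sh
# Added example: triage a Linux host for CVE-2017-3736 exposure.
# Function names and verdict words are illustrative, not from the advisory.
LC_ALL=C; export LC_ALL   # keep [a-l] style ranges byte-ordered

# cpu_has_exts FLAGS -> status 0 only if bmi1, bmi2 and adx are all present
cpu_has_exts() {
    for f in bmi1 bmi2 adx; do
        case " $1 " in
            *" $f "*) ;;          # whole-word match on the flags line
            *) return 1 ;;
        esac
    done
    return 0
}

# openssl_status VERSION -> prints affected | fixed | not-covered
openssl_status() {
    v=${1%%-*}                    # drop build suffixes such as "-fips"
    case "$v" in
        1.0.2|1.0.2[a-l]) echo affected ;;     # before 1.0.2m
        1.0.2[m-z]*)      echo fixed ;;
        1.1.0|1.1.0[a-f]) echo affected ;;     # before 1.1.0g
        1.1.0[g-z]*)      echo fixed ;;
        *)                echo not-covered ;;  # branch not named in the advisory
    esac
}

# assess FLAGS VERSION -> one-word verdict combining both conditions
assess() {
    st=$(openssl_status "$2")
    if [ "$st" != affected ]; then echo "$st"; return 0; fi
    if cpu_has_exts "$1"; then
        echo exposed
    else
        echo affected-build-cpu-lacks-extensions
    fi
}

# Host check: first "flags" line of /proc/cpuinfo and the openssl on PATH.
flags=$(grep -m1 '^flags' /proc/cpuinfo 2>/dev/null | cut -d: -f2)
ver=$(openssl version 2>/dev/null | awk '{print $2}')
echo "openssl=${ver:-none} verdict=$(assess "$flags" "$ver")"
```

Distribution packages (see the follow-up fixes listed below) can carry the patch without changing the upstream version letter, so confirm an `affected` or `exposed` result against the vendor's package changelog.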

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 6 2017 (Ubuntu Issues Fix) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
Ubuntu has issued a fix for Ubuntu Linux 14.04 LTS, 16.04 LTS, 17.04, and 17.10.
Nov 21 2017 (Tenable Network Security Issues Fix for Tenable SecurityCenter) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
Tenable Network Security has issued a fix for Tenable SecurityCenter.
Nov 29 2017 (FreeBSD Issues Fix) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
FreeBSD has issued a fix for FreeBSD 10.3, 10.4, 11.0, and 11.1.
Dec 1 2017 (Blue Coat Systems Issues Advisory for Blue Coat ProxyAV) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
Blue Coat Systems has issued an advisory for Blue Coat ProxyAV.
Dec 1 2017 (Blue Coat Systems Issues Advisory for Blue Coat ProxySG) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
Blue Coat Systems has issued an advisory for Blue Coat ProxySG.
Feb 8 2018 (IBM Issues Fix for IBM Tivoli Provisioning Manager for OS Deployment) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
IBM has issued a fix for IBM Tivoli Provisioning Manager for OS Deployment.
Apr 13 2018 (Red Hat Issues Fix) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Apr 27 2018 (IBM Issues Fix for IBM InfoSphere Information Server) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
IBM has issued a fix for IBM InfoSphere Information Server.
May 10 2018 (IBM Issues Fix for IBM Security Guardium) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
IBM has issued a fix for IBM Security Guardium.
May 31 2018 (IBM Issues Fix for IBM Security Network Protection) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
IBM has issued a fix for IBM Security Network Protection.
Jul 13 2018 (Red Hat Issues Fix for Red Hat JBoss) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
Red Hat has issued a fix for Red Hat JBoss for Red Hat Enterprise Linux.
Aug 20 2018 (IBM Issues Fix for IBM Security Network IPS) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
IBM has issued a fix for IBM Security Network IPS.
Oct 4 2018 (IBM Issues Fix for IBM WebSphere Application Server) OpenSSL bn_sqrx8x_internal() Carry Bug Lets Remote Users Obtain Potentially Sensitive Information on the Target System in Certain Cases
IBM has issued a fix for IBM WebSphere Application Server.



 Source Message Contents

Subject:  [openssl-announce] OpenSSL Security Advisory

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


OpenSSL Security Advisory [02 Nov 2017]
========================================

bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
======================================================

Severity: Moderate

There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No
EC algorithms are affected. Analysis suggests that attacks against RSA and DSA
as a result of this defect would be very difficult to perform and are not
believed likely. Attacks against DH are considered just feasible (although very
difficult) because most of the work necessary to deduce information
about a private key may be performed offline. The amount of resources
required for such an attack would be very significant and likely only
accessible to a limited number of attackers. An attacker would
additionally need online access to an unpatched system using the target
private key in a scenario with persistent DH parameters and a private
key that is shared between multiple clients.

This only affects processors that support the BMI1, BMI2 and ADX extensions like
Intel Broadwell (5th generation) and later or AMD Ryzen.

Note: This issue is very similar to CVE-2017-3732 and CVE-2015-3193 but must be
treated as a separate problem.

OpenSSL 1.1.0 users should upgrade to 1.1.0g
OpenSSL 1.0.2 users should upgrade to 1.0.2m

This issue was reported to OpenSSL on 10th August 2017 by the OSS-Fuzz project.
The fix was developed by Andy Polyakov of the OpenSSL development team.

Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
====================================================================

Severity: Low

This issue was previously announced in security advisory
https://www.openssl.org/news/secadv/20170828.txt, but the fix has not previously
been included in a release due to its low severity.

OpenSSL 1.1.0 users should upgrade to 1.1.0g
OpenSSL 1.0.2 users should upgrade to 1.0.2m


Note
====

Support for version 1.0.1 ended on 31st December 2016. Support for versions
0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longer
receiving security updates.

References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20171102.txt

Note: the online version of the advisory may be updated with additional details
over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/policies/secpolicy.html
-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----