
List:       oss-security
Subject:    Re: [oss-security] CVE request: MatrixSSL lack of RSA-CRT hardening
From:       Hanno Böck <hanno@hboeck.de>
Date:       2016-06-29 7:08:49
Message-ID: 20160629090849.1bdac2cc () pc1


On Mon, 27 Jun 2016 08:08:14 +0200
Florian Weimer <fw@deneb.enyo.de> wrote:

> (There are some other changes whose description suggests they would
> warrant CVE assignment as well, but I have not looked at those.)

This (from CHANGES.md) seems notable and probably deserves a CVE:

-------------
## Side Channel Vulnerability on RSA Cipher Suites
A Bleichenbacher variant attack, where certain information is leaked
from the results of an RSA private key operation, has been reported by a
security researcher. The code has been updated to error without
providing any information on the premaster contents.

> Note that other side channel attacks may still be possible as
> MatrixSSL non-FIPS crypto is not always constant-time.
-------------


This also:
-------------
## Access Violation on Malicious TLS Record
TLS cipher suites with CBC mode in TLS 1.1 and 1.2 could have an access
violation (read beyond memory) with a maliciously crafted message.
-------------

This is probably the same bug as described here:
https://web-in-security.blogspot.no/2016/05/curious-padding-oracle-in-openssl-cve.html

Quote
-------------
OpenSSL is not alone. I found a similar problem in the MatrixSSL
library, see
https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md. In that
case, unfortunately, a bad patch of Lucky 13 led even to a buffer
overread vulnerability.
-------------

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42
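Added illustration (not part of the message above, and not MatrixSSL's or OpenSSL's code): the two CBC record issues discussed in this thread, the Lucky 13 timing leak and a padding scan that reads outside the record, come from the same piece of logic, the check of the TLS 1.1/1.2 CBC padding after decryption. The hardened check below does what a Lucky 13 fix has to do (examine padding without data-dependent early exits) while keeping every read inside the record: it bounds the scan by the record length and validates `padding_length + 1 + mac_len <= len` in constant time before trusting the padding byte. The `naive_check_padding` function shows the pattern that goes wrong, as a hypothetical example, not a quote of any library's code. The 32-byte sample record, the 20-byte dummy MAC, and all helper names are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constant-time masks. Top bit of (a - b) is set iff a < b, which holds
 * for all values below SIZE_MAX/2 (true for any TLS record length). */
static size_t ct_mask_lt(size_t a, size_t b)
{
    return (size_t)0 - ((a - b) >> (sizeof(size_t) * 8 - 1));
}

static size_t ct_mask_ge(size_t a, size_t b) { return ~ct_mask_lt(a, b); }

/* Hypothetical "before" pattern (illustrative only): walk padding_length
 * bytes back from the end of the record without first checking that they
 * fit inside it. A forged record whose last byte is large makes the loop
 * read before the start of `rec`, and the early return on the first
 * mismatch is the data-dependent timing Lucky 13 exploits. */
int naive_check_padding(const uint8_t *rec, size_t len)
{
    size_t pad_len = rec[len - 1];
    for (size_t i = 1; i <= pad_len; i++)
        if (rec[len - 1 - i] != pad_len)   /* out of bounds once pad_len >= len */
            return 0;
    return 1;
}

/* Hardened check for a decrypted TLS 1.1/1.2 CBC record laid out as
 *   plaintext || MAC(mac_len bytes) || padding || padding_length.
 * Returns 1 if the padding is valid, 0 otherwise; *plaintext_len is
 * always set (bad padding is treated as zero-length so the caller can
 * still run the MAC over the full record, per Lucky 13 guidance).
 * Every read stays inside [rec, rec + len), and no branch depends on
 * the decrypted padding bytes. */
int tls_cbc_check_padding(const uint8_t *rec, size_t len, size_t mac_len,
                          size_t *plaintext_len)
{
    /* The record length is public (it is on the wire), so branching on it
     * leaks nothing. Need at least the MAC and the padding_length byte. */
    if (len < mac_len + 1) {
        *plaintext_len = 0;
        return 0;
    }

    size_t pad_len = rec[len - 1];                 /* secret: came out of the cipher */
    /* 0xff iff pad_len + 1 + mac_len <= len; pad_len <= 255 so no overflow. */
    uint8_t good = (uint8_t)ct_mask_ge(len, pad_len + 1 + mac_len);

    /* Scan a fixed number of bytes (up to the 256 a one-byte length can
     * describe) but never more than the record actually holds. This
     * bound is what keeps a forged padding_length from causing an
     * out-of-bounds read. */
    size_t to_check = 256;
    if (to_check > len)
        to_check = len;
    for (size_t i = 0; i < to_check; i++) {
        uint8_t in_pad = (uint8_t)ct_mask_ge(pad_len, i);   /* i <= pad_len */
        uint8_t b = rec[len - 1 - i];
        /* Bytes inside the padding (including the length byte itself at
         * i == 0) must all equal pad_len; bytes past it are ignored. */
        good &= (uint8_t)~(in_pad & (uint8_t)(b ^ (uint8_t)pad_len));
    }
    good = (uint8_t)ct_mask_ge(good, 0xff);        /* 0xff only if every check passed */

    pad_len &= good;                                /* bad padding -> treat as 0 bytes */
    *plaintext_len = len - mac_len - 1 - pad_len;
    return good & 1;
}

/* Constructed sample: 5-byte plaintext, 20-byte dummy MAC (0xAA), six
 * padding bytes of 0x06 and the length byte 0x06, for a 32-byte record
 * (two 16-byte blocks). Returns the record length. */
size_t make_sample_record(uint8_t out[32])
{
    memcpy(out, "hello", 5);
    memset(out + 5, 0xAA, 20);
    memset(out + 25, 0x06, 7);   /* 6 padding bytes + padding_length byte */
    return 32;
}

int main(void)
{
    uint8_t rec[32];
    size_t n = make_sample_record(rec), pt_len;
    printf("valid record: ok=%d plaintext_len=%zu\n",
           tls_cbc_check_padding(rec, n, 20, &pt_len), pt_len);
    rec[31] = 0xff;   /* forged padding_length larger than the record */
    printf("forged length: ok=%d plaintext_len=%zu\n",
           tls_cbc_check_padding(rec, n, 20, &pt_len), pt_len);
    return 0;
}
```

The forged-length case is the one the changelog entry describes: `naive_check_padding` would walk 255 bytes back from a 32-byte buffer, while the hardened version rejects it after reading only the 32 bytes it owns. The constant-time mask helpers assume the compiler does not turn them back into branches; production code needs the same care (or the `constant_time_*` style helpers the major TLS stacks carry) plus the Lucky 13 MAC-timing equalisation that is outside this example.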

