(Red Hat Issues Fix for Red Hat JBoss) OpenSSL Overflow in rsaz_1024_mul_avx2() Lets Remote Users Obtain Potentially Sensitive Information in Certain Cases and SSL_read()/SSL_write() Error State Bug May Bypass Decryption/Encryption in Certain Application Dependent Cases
SecurityTracker Alert ID: 1041290|
SecurityTracker URL: http://securitytracker.com/id/1041290
(Links to External Site)
Date: Jul 13 2018
Disclosure of authentication information, Disclosure of user information|
Fix Available: Yes Vendor Confirmed: Yes |
Two vulnerabilities were reported in OpenSSL. A remote user can obtain potentially sensitive information on the target system in certain cases. A remote user may be able to cause an application to bypass decryption/encryption in certain limited cases. Red Hat JBoss is affected.|
A remote user can exploit an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli to potentially determine information about the private key in certain situations [CVE-2017-3738].
Processors that support the AVX2 but not ADX extensions (e.g., Intel Haswell (4th generation)) are affected.
Attacks against DH1024 may be feasible.
EC algorithms are not affected.
A remote user can invoke a handshake failure to trigger a bug in OpenSSL error handling code for applications that directly make an SSL_read() or SSL_write() call for an SSL object after receiving a fatal error, causing data to bypass the decryption or encryption process [CVE-2017-3737]. Versions 1.0.2b and after are affected.
David Benjamin (Google) reported these vulnerabilities.
A remote user can potentially determine information about the private key in certain situations.|
A remote user may be able to cause an application to bypass decryption/encryption in certain limited cases.
Red Hat has issued a fix for Red Hat JBoss.|
The Red Hat advisory is available at:
Vendor URL: access.redhat.com/errata/RHSA-2018:2187 (Links to External Site)
Boundary error, State error|
|Underlying OS: Linux (Red Hat Enterprise)|
|Underlying OS Comments: 6, 7|
This archive entry is a follow-up to the message listed below.|
Source Message Contents
Subject: [RHSA-2018:2187-01] Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update|
-----BEGIN PGP SIGNED MESSAGE-----
Red Hat Security Advisory
Synopsis: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
Advisory ID: RHSA-2018:2187-01
Product: Red Hat JBoss Core Services
Advisory URL: https://access.redhat.com/errata/RHSA-2018:2187
Issue date: 2018-07-12
CVE Names: CVE-2016-2182 CVE-2016-6302 CVE-2016-6306
CVE-2016-7055 CVE-2017-3731 CVE-2017-3732
CVE-2017-3736 CVE-2017-3737 CVE-2017-3738
Red Hat JBoss Core Services Pack Apache Server 2.4.29 packages are now
Red Hat Product Security has rated this release as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
This release adds the new Apache HTTP Server 2.4.29 packages that are part
of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services
Apache HTTP Server 2.4.23, and includes bug fixes and enhancements. Refer
to the Release Notes for information on the most significant bug fixes,
enhancements and component upgrades included in this release.
This release upgrades OpenSSL to version 1.0.2.n
* openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
* openssl: Insufficient TLS session ticket HMAC length checks
* openssl: certificate message OOB reads (CVE-2016-6306)
* openssl: Carry propagating bug in Montgomery multiplication
* openssl: Truncated packet could crash via OOB read (CVE-2017-3731)
* openssl: BN_mod_exp may produce incorrect results on x86_64
* openssl: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* openssl: Read/write after SSL object in error state (CVE-2017-3737)
* openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6306
and CVE-2016-7055. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360
Inc.) as the original reporter of CVE-2016-6306.
The References section of this erratum contains a download link (you must
log in to download the update). Before applying the update, back up your
existing Red Hat JBoss Web Server installation (including all applications
and configuration files).
After installing the updated packages, the httpd daemon will be restarted
4. Bugs fixed (https://bugzilla.redhat.com/):
1367340 - CVE-2016-2182 openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
1369855 - CVE-2016-6302 openssl: Insufficient TLS session ticket HMAC length checks
1377594 - CVE-2016-6306 openssl: certificate message OOB reads
1393929 - CVE-2016-7055 openssl: Carry propagating bug in Montgomery multiplication
1416852 - CVE-2017-3731 openssl: Truncated packet could crash via OOB read
1416856 - CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64
1509169 - CVE-2017-3736 openssl: bn_sqrx8x_internal carry bug on x86_64
1523504 - CVE-2017-3737 openssl: Read/write after SSL object in error state
1523510 - CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
The Red Hat security contact is <email@example.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2018 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
RHSA-announce mailing list