Advisories ยป MGASA-2017-0042

Updated openssl packages fix security vulnerability

Publication date: 05 Feb 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-7055 , CVE-2017-3731 , CVE-2017-3732

Description

There is a carry propagation bug in the Broadwell-specific Montgomery
multiplication procedure that handles input lengths divisible by, but
longer than 256 bits. mong EC algorithms only Brainpool P-512 curves are
affected and one presumably can attack ECDH key negotiation
(CVE-2016-7055).

If an SSL/TLS server or client is running on a 32-bit host, and a specific
cipher is being used, then a truncated packet can cause that server or
client to perform an out-of-bounds read, usually resulting in a crash. The
crash can be triggered when using RC4-MD5, if it has not been disabled
(CVE-2017-3731).

There is a carry propagating bug in the x86_64 Montgomery squaring
procedure. An attacker would need online access to an unpatched system
using the target private key in a scenario with persistent DH parameters
and a private key that is shared between multiple clients (CVE-2017-3732).
                

References

SRPMS

5/core