Upstream information
Description
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. For example this can occur by default in OpenSSL DHE based SSL/TLS ciphersuites. Note: This issue is very similar to CVE-2015-3193 but must be treated as a separate problem.SUSE information
| National Vulnerability Database | SUSE | |
|---|---|---|
| Base Score | 4.30 | 2.57 |
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N | AV:N/AC:H/Au:N/C:P/I:N/A:N |
| Access Vector | Network | Network |
| Access Complexity | Medium | High |
| Authentication | None | None |
| Confidentiality Impact | Partial | Partial |
| Integrity Impact | None | None |
| Availability Impact | None | None |
| National Vulnerability Database | |
|---|---|
| Base Score | 5.9 |
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Access Vector | Network |
| Access Complexity | High |
| Privileges Required | None |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality Impact | High |
| Integrity Impact | None |
| Availability Impact | None |
Note from the SUSE Security Team
This problem affects only openssl 1.0.2 and newer, older versions did not have the code and are not affected. SUSE Bugzilla entries: 1021641 [RESOLVED / FIXED], 1022086 [RESOLVED / FIXED], 1025354 [RESOLVED / WORKSFORME] SUSE Security Advisories:- SUSE-SU-2017:0431-1, published Thu Feb 9 07:10:25 MST 2017
- SUSE-SU-2017:0441-1, published Fri Feb 10 13:07:36 MST 2017
- SUSE-SU-2017:0855-1, published Wed Mar 29 10:13:34 MDT 2017
- openSUSE-SU-2017:0481-1, published Fri, 17 Feb 2017 04:12:38 +0100 (CET)
- openSUSE-SU-2017:0527-1, published Tue, 21 Feb 2017 00:07:16 +0100 (CET)
- openSUSE-SU-2017:0941-1, published Wed, 5 Apr 2017 18:20:15 +0200 (CEST)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Enterprise Storage 4 |
| Patchnames: SUSE-Storage-4-2017-476 |
| SUSE Linux Enterprise Desktop 12 SP2 |
| Patchnames: SUSE-SLE-DESKTOP-12-SP2-2017-228 |
| SUSE Linux Enterprise Module for Web Scripting 12 |
| Patchnames: SUSE-SLE-Module-Web-Scripting-12-2017-221 SUSE-SLE-Module-Web-Scripting-12-2017-476 |
| SUSE Linux Enterprise Server 12 SP2 |
| Patchnames: SUSE-SLE-SERVER-12-SP2-2017-228 |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 |
| Patchnames: SUSE-SLE-RPI-12-SP2-2017-228 |
| SUSE Linux Enterprise Software Development Kit 12 SP2 |
| Patchnames: SUSE-SLE-SDK-12-SP2-2017-228 |
| openSUSE Leap 42.1 |
| Patchnames: openSUSE-2017-284 |
| openSUSE Leap 42.2 |
| Patchnames: openSUSE-2017-256 openSUSE-2017-442 |
