Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.0896 OpenSSL Security Advisory [27 Mar 2018] 28 March 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: OpenSSL Publisher: OpenSSL Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Access Privileged Data -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Provide Misleading Information -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2018-0739 CVE-2018-0733 CVE-2017-3738 Reference: ASB-2018.0013 ESB-2018.0852 ESB-2018.0480 ESB-2018.0426 ESB-2018.0174 ESB-2017.3217 ESB-2017.3209 Original Bulletin: https://www.openssl.org/news/secadv/20180327.txt - --------------------------BEGIN INCLUDED TEXT-------------------- OpenSSL Security Advisory [27 Mar 2018] ======================================== Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739) ========================================================================================== Severity: Moderate Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. OpenSSL 1.1.0 users should upgrade to 1.1.0h OpenSSL 1.0.2 users should upgrade to 1.0.2o This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz project. The fix was developed by Matt Caswell of the OpenSSL development team. Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733) ======================================================== Severity: Moderate Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. OpenSSL 1.1.0 users should upgrade to 1.1.0h This issue was reported to OpenSSL on 2nd March 2018 by Peter Waltenberg (IBM). The fix was developed by Andy Polyakov of the OpenSSL development team. rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) ========================================================= Severity: Low This issue has been reported in a previous OpenSSL security advisory and a fix was provided for OpenSSL 1.0.2. Due to the low severity no fix was released at that time for OpenSSL 1.1.0. The fix is now available in OpenSSL 1.1.0h. There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL 1.1.0 users should upgrade to 1.1.0h OpenSSL 1.0.2 users should upgrade to 1.0.2n This issue was reported to OpenSSL on 22nd November 2017 by David Benjamin (Google). The issue was originally found via the OSS-Fuzz project. The fix was developed by Andy Polyakov of the OpenSSL development team. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20180327.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWrsh4Ix+lLeg9Ub1AQhZ3BAArJbK82Iy1gkH37t4xH276velpl9aVTvH wFU54jmOD2WWFNki58U1y5zysq6HCAPYX6SN7SkTIX2lysiqrvbWbl50yce1WDo6 El/NVDwMsZAfIrBHHHV42Sv6u7n0WFc3OESIkiznYPIzAZUVAItknzJJoRAL2b/R qA834Ta8AvpIAFbdj/vO8hs6qaV1JlKm+ykPrDAeQUlxKpOXD4RhEPmhuS8YzXpb jNUk9IVwRwCyma7SrxjKBYa8dkwmrsdZXLcfx/66NvFUveTbV1n2B2vKW0IcUPC/ f3DsTTQM4RwNmj6eyRwz6YxRiFUat/hNTn2HbtYR8VSmR+81sSlkkHHK2QXwO4OJ uMLtdAGu3zWN6sMMJ9+3bUNz8jXxmYOciQ2Z2PSAMZsRmxoxnERl8a77513l0eIL +wTLDUtPjQd0N0zBStyQkZtSEsKE9iKZk1orD2t5539a5WE5tP0aoi0u1Hhmc9fe ZCtX4lT1sBAAAnavYnk/gW7H18DIJyDQk0K8maBBr1JQFC8ci7paCn2T5mr+RrFH 4GSVTgc8XoiDA0TBhNF2xHwjwoqFkzuoIA2RfYVTClVw2uZI4i6N1j0XuIgl5W/6 ULNN6t6d4LDsQdDLK5Oui0Ic7CBkcxH1gE09ubYQVDxkzLkovZDs+RAlzfIDaNLu YHDpeFYqfYE= =G7a1 -----END PGP SIGNATURE-----