Mandriva

MDVSA-2015:063: openssl

Leave a comment

Multiple vulnerabilities has been discovered and corrected in openssl:

The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before
0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL
servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate
brute-force decryption by offering a weak ephemeral RSA key in a
noncompliant role, related to the FREAK issue. NOTE: the scope of
this CVE is only client code based on OpenSSL, not EXPORT_RSA issues
associated with servers or other TLS implementations (CVE-2015-0204).

Use-after-free vulnerability in the d2i_ECPrivateKey function in
crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r,
1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote
attackers to cause a denial of service (memory corruption and
application crash) or possibly have unspecified other impact via a
malformed Elliptic Curve (EC) private-key file that is improperly
handled during import (CVE-2015-0209).

The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before
0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before
1.0.2a does not properly perform boolean-type comparisons, which allows
remote attackers to cause a denial of service (invalid read operation
and application crash) via a crafted X.509 certificate to an endpoint
that uses the certificate-verification feature (CVE-2015-0286).

The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL
before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2
before 1.0.2a does not reinitialize CHOICE and ADB data structures,
which might allow attackers to cause a denial of service (invalid
write operation and memory corruption) by leveraging an application
that relies on ASN.1 structure reuse (CVE-2015-0287).

The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL
before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2
before 1.0.2a might allow attackers to cause a denial of service
(NULL pointer dereference and application crash) via an invalid
certificate key (CVE-2015-0288).

The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before
1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not
properly handle a lack of outer ContentInfo, which allows attackers to
cause a denial of service (NULL pointer dereference and application
crash) by leveraging an application that processes arbitrary PKCS#7
data and providing malformed data with ASN.1 encoding, related to
crypto/pkcs7/pk7_doit.c and crypto/pkcs7/pk7_lib.c (CVE-2015-0289).

The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before
1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote
attackers to cause a denial of service (s2_lib.c assertion failure and
daemon exit) via a crafted CLIENT-MASTER-KEY message (CVE-2015-0293).

The updated packages have been upgraded to the 1.0.0r version where
these security flaws has been fixed.

Leave a Reply