CPANSA-Net-Dropbear-2016-6129-libtomcrypt: Net-Dropbear vulnerability
Publisher | giterlizzi | Document category | csaf_security_advisory |
---|---|---|---|
Initial release date | 2017-02-13T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
Current release date | 2017-02-13T00:00:00 | Build Date | |
Current version | 1 | Status | final |
CVSS v3.1 Base Score | 7.5 | Severity | High |
Original language | Language | en | |
Also referred to |
Vulnerability Description
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack.
Vulnerabilities
CVE-2016-6129
Vulnerability DescriptionThe rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack.
Weakness | CWE-20 : Improper Input Validation |
---|
Product status
Known affected
Product | Score | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Net-Dropbear greater than or equal 0.01 and less than or equal 0.10 |
|
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Net-Dropbear-2016-6129-libtomcrypt JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2017/cpansa-net-dropbear-2016-6129-libtomcrypt.json - https://www.op-tee.org/advisories/ external
https://www.op-tee.org/advisories/ - https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd0 external
https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd0 - https://bugzilla.redhat.com/show_bug.cgi?id=1370955 external
https://bugzilla.redhat.com/show_bug.cgi?id=1370955 - CVE-2016-6129 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2016-6129
Revision history
Version | Date of the revision | Summary of the revision |
---|---|---|
1 | Mon Feb 13 00:00:00 2017 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/