Wind River Support Network

HomeDefectsLIN5-21422
Fixed

LIN5-21422 : Security Advisory - OpenSSL - CVE-2016-2107

Created: May 3, 2016    Updated: May 29, 2018
Resolved Date: May 4, 2016
Found In Version: 5.0.1.35
Fix Version: 5.0.1.36
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

Note only version 1.0.1 is affected.  Version 1.0.0 in Wind River Linux 5 is not affected.

Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
======================================================

Severity: High

A MITM attacker can use a padding oracle attack to decrypt traffic
when the connection uses an AES CBC cipher and the server support
AES-NI.

This issue was introduced as part of the fix for Lucky 13 padding
attack (CVE-2013-0169). The padding check was rewritten to be in
constant time by making sure that always the same bytes are read and
compared against either the MAC or padding bytes. But it no longer
checked that there was enough data to have both the MAC and padding
bytes.

This issue was reported to OpenSSL on 13th of April 2016 by Juraj
Somorovsky using TLS-Attacker. The fix was developed by Kurt Roeckx
of the OpenSSL development team.

Other Downloads


Live chat
Online