Wind River Support Network


Wind River Linux Security Alert for ‘openssl security bug’ (CVE-2016-0701 & CVE-2015-3197)

Released: Jan 28, 2016     Updated: Feb 1, 2016

Summary

Two CVE issues affect openssl. CVE-2015-3197 affects WRL5 through WRL8, while CVE-2016-0701 affects only WRL8.


Affected Product Versions

Wind River Linux 8

Description

CVE-2016-0701 affects only WRL8. There are two patches for this CVE:

0001-openssl-Security-Advisory-openssl-CVE-2016-0701.patch

0001-openssl-Security-Advisory-openssl-CVE-2016-0701-01.patch

Both of them should be integrated.


DH small subgroups (CVE-2016-0701)


Historically OpenSSL usually only ever generated DH parameters based on "safe" primes. More recently (in version 1.0.2) support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be "safe". Where an application is using DH configured with parameters based on primes that are not "safe" then an attacker could use this fact to find a peer's private DH exponent. This attack requires that the attacker complete multiple handshakes in which the peer uses the same private DH exponent. For example this could be used to discover a TLS server's private DH exponent if it's reusing the private DH exponent or it's using a static DH ciphersuite.
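The difference between "safe" and X9.42 style parameters can be audited before a parameter file is deployed. The following Python code is an added example, not part of this advisory or of OpenSSL; the function names and the toy parameters are constructed for illustration, and the peer-key test is the standard public value validation (2 <= y <= p - 2 and y^q mod p = 1).

```python
def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases (deterministic for n < 3.3e24)."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def is_safe_prime(p: int) -> bool:
    """p is "safe" when p and (p - 1) / 2 are both prime."""
    return is_probable_prime(p) and is_probable_prime((p - 1) // 2)

def small_cofactor_primes(p: int, q: int, bound: int = 1000) -> list:
    """Small primes dividing (p - 1) / q; each is the order of a small subgroup."""
    if (p - 1) % q:
        raise ValueError("q does not divide p - 1")
    cofactor = (p - 1) // q
    return [f for f in range(2, bound) if cofactor % f == 0 and is_probable_prime(f)]

def peer_key_ok(y: int, p: int, q: int) -> bool:
    """Accept y only if 2 <= y <= p - 2 and y lies in the order-q subgroup."""
    return 2 <= y <= p - 2 and pow(y, q, p) == 1

# Constructed toy parameters, far too small for real use.
X942_STYLE = {"p": 67, "q": 11, "g": 64}  # p - 1 = 2 * 3 * 11, p is not safe
SAFE_STYLE = {"p": 23, "q": 11, "g": 4}   # p = 2 * 11 + 1, p is safe

if __name__ == "__main__":
    for d in (X942_STYLE, SAFE_STYLE):
        p, q, g = d["p"], d["q"], d["g"]
        honest = pow(g, 5, p)  # public value of a well-behaved peer
        print(p, is_safe_prime(p), small_cofactor_primes(p, q), peer_key_ok(honest, p, q))
    # 37 has order 3 modulo 67, so it lies outside the order-11 subgroup.
    print(peer_key_ok(37, 67, 11))
```

A parameter set whose cofactor has small prime factors other than 2 depends on the subgroup check (or on a fresh private exponent per handshake) for its security; a safe prime leaves only the order-2 subgroup, which the range check already excludes.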


SSLv2 doesn't block disabled ciphers (CVE-2015-3197)

A malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete SSLv2 handshakes even if all SSLv2 ciphers have been disabled, provided that the SSLv2 protocol was not also disabled via SSL_OP_NO_SSLv2.

