Mageia: 2019-0106 Moderate: OpenSSL Padding Oracle Attack

mageia

March 7, 2019

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently ...

Summary

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data (CVE-2019-1559).

References

- https://bugs.mageia.org/show_bug.cgi?id=24434

- https://openssl-library.org/news/secadv/20190226.txt

- https://www.cve.org/CVERecord?id=CVE-2019-1559

Topics Covered

security advisory remote attack cryptography padding oracle mageia openss protocol error

Resolution

SRPMS

- 6/core/openssl-1.0.2r-1.mga6

Severity

important

Lowest

Low

Medium

High

Critical

Publication date: 07 Mar 2019

URL: https://advisories.mageia.org/MGASA-2019-0106.html

Type: security

CVE: CVE-2019-1559

Topics Covered

security advisory remote attack cryptography padding oracle mageia openss protocol error

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks