#VU9109 Carry propagation issue in OpenSSL


Published: 2017-11-02

Vulnerability identifier: #VU9109

Vulnerability risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-3736

CWE-ID: CWE-310

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description
The vulnerability allows a remote attacker to decrypt data.

The vulnerability exists due to carry propagating bug in the x86_64 Montgomery squaring procedure (bn_sqrx8x_internal). A remote attacker can decrypt encrypted data. The vulnerability affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.

Mitigation
Update to version 1.0.2m or 1.1.0g.

Vulnerable software versions

OpenSSL: 1.0.2 - 1.0.2l, 1.1.0 - 1.1.0f

External links
http://www.openssl.org/news/secadv/20171102.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell Networker
Multiple vulnerabilities in IBM Cognos Analytics
Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition
Multiple vulnerabilities in IBM Cognos Business Intelligence Server
Multiple vulnerabilities in IBM Cognos Insight
Multiple vulnerabilities in IBM Planning Analytics Local
Multiple vulnerabilities in IBM Algo One Core
Multiple vulnerabilities in IBM MQ
Amazon Linux AMI update for openssl
Multiple vulnerabilities in IBM Cognos Controller