oss-sec mailing list archives
Re: CVE request: MatrixSSL lack of RSA-CRT hardening
From: cve-assign () mitre org
Date: Fri, 19 Aug 2016 09:48:16 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Date: Wed, 29 Jun 2016 09:08:49 +0200
https://github.com/matrixssl/matrixssl/blob/master/CHANGES.md
Version 3.8.3 April 2016 BUG FIXES
##Side Channel Vulnerability on RSA Cipher Suites A Bleichenbacher variant attack, where certain information is leaked from the results of a RSA private key operation has been reported by a security researcher. The code has been updated to error without providing any information on the premaster contents.
Use CVE-2016-6883.
##Access Violation on Malicious TLS Record TLS cipher suites with CBC mode in TLS 1.1 and 1.2 could have an access violation (read beyond memory) with a maliciously crafted message.
Use CVE-2016-6884. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJXtwzzAAoJEHb/MwWLVhi2xmgP/iD9XBpR+o52Gs61DvmXISo6 dD2oDK7BZLV4VDNgQxYVE+s1cr4vjInh6F5AFp0DfV/ThhplpblJzyMC9V/8R5x7 ifZmpJACnrBvsoObFy2gu/4AxNgN6CBT+x5HBehZLsp/v+IPEQoo+QSagRtpnqye XHg6epkDcGJELzyfr+QLKU7bXEZJ5NLCoMMudFqE9iPOOPVluybsk/r5jLCwzp5y R82f/C040qjIZtkrwvKukoWFR6cpuhNYTqxYPNK5HIk1XDsXik1DmXfUnklV5u8h /yzd1QHQiS1ajFQz49qlYpWK7qz6JNwjnX07Oqg4MUT1rVTB0GpZwIPllcgcLMfU f6wtY2KfarJLpI/+XuwPSCqAO1yblyHr21Z0EEOa/QwpOnXQEDbv4wPKNBU+QjDj /F88xB7HE5DFsWi/TDqTG3H0RKqauVPBiExwimNwvsG1c3v7iCBOmvCK2h5OWBOq SVUBXhoce+4/QSorL1Q3qsxRWdtjUV0MYmts/r/sJj8aR6pBe2vDEtg79aimaxSd cQS7Lgnul2zMb1cGm/AzoS5YSjwn16V9iOMbKCHy9jXh/qc+Rp5ZtdsM9ZkgO/Gb NcqjLyLM72SgdX2ewCbFgP7g7YfwWKyz3tUjKi/hQjr5bM/uUoZInQKuEF/B+vB7 HShanqXyyZFlrLWiy6+R =jgkP -----END PGP SIGNATURE-----
Current thread:
- Re: CVE request: MatrixSSL lack of RSA-CRT hardening cve-assign (Aug 19)
- <Possible follow-ups>
- Re: CVE request: MatrixSSL lack of RSA-CRT hardening cve-assign (Aug 19)