oss-sec mailing list archives

Re: CVE request: libcrypto++ - Timing Attack Counter Measure

From: cve-assign () mitre org
Date: Mon, 11 Apr 2016 00:40:52 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

https://github.com/weidai11/cryptopp/issues/146

This counter measure seems to be removed by the compiler.

security bug


For "removed by the compiler" issues, sometimes the CVE is associated
with the upstream source code, and sometimes the CVE is associated
with a specific binary package that chose to compile in a way that was
unintended by the source-code authors. We feel that the former is the
best choice here.
https://github.com/weidai11/cryptopp/blob/master/Readme.txt says "The
following compilers are supported for this release ... GCC 3.3 - 5.2."
https://github.com/weidai11/cryptopp/blob/master/GNUmakefile mentions
the possibility of gcc -O3:

  # Aligned access required at -O3 for GCC
  ...
  ifeq ($(findstring -O3,$(CXXFLAGS)),-O3

issues/146 mentions "Debian compiles Crypto++ with the following
flags: -Wdate-time -D_FORTIFY_SOURCE=2 -g -O2 ...."

The gcc man page mentions:

  -O3 Optimize yet more.  -O3 turns on all optimizations specified by -O2

Thus, roughly speaking, it seems that all of Crypto++ had an
expectation of working with any recent version of gcc, even if (for
example) -O2 or -O3 is used. The "code to avoid timing attacks"
doesn't meet this expectation, and thus it's a vulnerability in
Crypto++. (It is not a vulnerability in the packaging within Debian or
any other distribution, and it is not a vulnerability in gcc.)

Use CVE-2016-3995 for this Crypto++ vulnerability.

(As a side note, Crypto++ is packaged for Fedora in the
cryptopp package, e.g., see the
http://pkgs.fedoraproject.org/cgit/rpms/cryptopp.git/tree/cryptopp.spec
page.)

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXCykdAAoJEL54rhJi8gl5gbMQAJzlqJxGZuh3bjUZSgxAdDOz
J7N+b2+vrYGHWqyEaxjjrfetLA5XNKcUKrLuT66Y1Zm0JrFg2pcEM35/dzjl81A0
KnLED6Q+q7LP+GXkuRh0LWYc8eUvmdlhjbY0Xb8NqkOSZD1uBkf6z2FNUr6yyoHF
m+HnSN4RYOXSwpROAY+JfKAmPzcJpDpziJA24y4tLMgKvK6Jbx08mGQjJCYMoZ3l
zX/KDQsmORPXwFbSNLIy20I5D6TTf8mNH18wkDFYKaiqSej7L+wXTOSEKkicnWtD
JQPkQzWq/6rb8uCtddg1GCSHk27OS54NxQMD18ETSXLPIjcsYzGzFAiKWXE44nGu
PckfsBzFTWuyjDKdjspE7RUIq+S3tpyUHjgbTgolK+q6RSvAvPFCXvCjn0SAhBzO
NPQecA9nXCV1oWd0d7a/OGrOaYGhnN8msDEamAVVIheyuQD6ySKCbrZjhPd9LQ/+
mPdZr5o7bW9121hB9nfcbHB6q/RTQusX91aa7R5sypPxIox7TG/TjAfSzp2fFIIk
dwhSZxbgDIyFceSw3Ne9yLRKJlegfwdHxlnhmO7/0X3GPSjG2b7clbhYieoirGrY
xhblDTjW49BikosQPEbc2LGP/9Awp5uokQBJ11BjAvEz9Qz+hqUQ1FWPcVwahlcg
URJpnBTtEN+FY6/u3+0W
=ztqN
-----END PGP SIGNATURE-----

Current thread:

CVE request: libcrypto++ - Timing Attack Counter Measure Matthias Geerdsen (Apr 10)
- Re: CVE request: libcrypto++ - Timing Attack Counter Measure cve-assign (Apr 10)