OpenSSL CVE-2014-3570 Weak Encryption Vulnerability

Description

Severity: Low

Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64. This bug occurs at random with a very low probability, and is not known to be exploitable in any way, though its exact impact is difficult to determine. The following has been determined:

- is very low: 1/2^64 on the single affected 32-bit platform (MIPS) and 1/2^128 on affected 64-bit platforms.
- operations are not affected at all. For the remaining platforms countermeasures thwart bug attacks [1].
- elliptic curve points that would falsely appear to be on the given curve. However, there is no known computationally feasible way to construct such points with low order, and so the security of static ECDH private keys is believed to be unaffected.
- exponentiation, primality testing, DSA, RSA blinding, JPAKE and SRP. No exploits are known and straightforward bug attacks fail - either the attacker cannot control when the bug triggers, or no private key material is involved.

This issue affects all current OpenSSL versions: 1.0.1, 1.0.0 and 0.9.8.

OpenSSL 1.0.1 users should upgrade to 1.0.1k.
OpenSSL 1.0.0 users should upgrade to 1.0.0p.
OpenSSL 0.9.8 users should upgrade to 0.9.8zd.

This issue was reported to OpenSSL on 2nd November 2014 by Pieter Wuille conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team.

Note

As per our previous announcements and our Release Strategy 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade.

References

URL for this Security Advisory:
https://www.openssl.org/news/secadv_20150108.txt

Note: the online version of the advisory may be updated with additional details over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/about/secpolicy.html
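An added example (not part of the advisory or of OpenSSL's code): a Python check that classifies an `openssl version` string against the fixed releases listed above, including the two-letter `zd` suffix on the 0.9.8 branch. The function names and sample strings are constructed for illustration; distribution packages may backport a fix without changing the letter suffix, so a "vulnerable" result is a prompt to check the vendor changelog.

```python
import re

# Fixed releases for CVE-2014-3570, taken from the advisory text above.
FIXED = {"1.0.1": "k", "1.0.0": "p", "0.9.8": "zd"}

# Matches e.g. "OpenSSL 1.0.1e-fips 11 Feb 2013" -> ("1.0.1", "e")
_VERSION_RE = re.compile(r"\b(\d+\.\d+\.\d+)([a-z]*)")


def patch_rank(letters):
    """Sort key for old-style OpenSSL patch suffixes.

    Releases run '', a, b, ..., z and then continue za, zb, ...,
    so a longer suffix is always newer than a shorter one.
    """
    return (len(letters), letters)


def classify(version_string):
    """Return 'fixed', 'vulnerable', 'not-covered' or 'unparseable'."""
    match = _VERSION_RE.search(version_string)
    if match is None:
        return "unparseable"
    branch, letters = match.groups()
    if branch not in FIXED:
        # The advisory only names the 1.0.1, 1.0.0 and 0.9.8 branches.
        return "not-covered"
    if patch_rank(letters) >= patch_rank(FIXED[branch]):
        return "fixed"
    return "vulnerable"


if __name__ == "__main__":
    # Constructed sample inputs in the format printed by `openssl version`.
    samples = [
        "OpenSSL 1.0.1k",
        "OpenSSL 1.0.1e-fips",
        "OpenSSL 1.0.0",
        "OpenSSL 0.9.8zc",
        "OpenSSL 0.9.8zd",
        "OpenSSL 1.0.2",
        "no version here",
    ]
    for line in samples:
        print(f"{line:24} {classify(line)}")
```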

Affected Applications

OpenSSL

CVE References

CVE-2014-3570