FortiClient Vulnerability

OpenSSL CVE-2016-2106 Numeric Errors Vulnerability

Description

Severity: LowAn overflow can occur in the EVP_EncryptUpdate() function. If an attacker isable to supply very large amounts of input data after a previous call toEVP_EncryptUpdate() with a partial block then a length check can overflowresulting in a heap corruption. Following an analysis of all OpenSSL internalusage of the EVP_EncryptUpdate() function all usage is one of two forms.The first form is where the EVP_EncryptUpdate() call is known to be the firstcalled function after an EVP_EncryptInit(), and therefore that specific callmust be safe. The second form is where the length passed to EVP_EncryptUpdate()can be seen from the code to be some small value and therefore there is nopossibility of an overflow. Since all instances are one of these two forms, itis believed that there can be no overflows in internal code due to this problem.It should be noted that EVP_DecryptUpdate() can call EVP_EncryptUpdate() incertain code paths. Also EVP_CipherUpdate() is a synonym forEVP_EncryptUpdate(). All instances of these calls have also been analysed tooand it is believed there are no instances in internal usage where an overflowcould occur.This could still represent a security issue for end user code that calls thisfunction directly.OpenSSL 1.0.2 users should upgrade to 1.0.2hOpenSSL 1.0.1 users should upgrade to 1.0.1tThis issue was reported to OpenSSL on 3rd March 2016 by Guido Vranken. Thefix was developed by Matt Caswell of the OpenSSL development team.