CVE-2017-3736
Description
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen.
Affected products
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* range: >=1.0.2,<1.0.2m
- (no CPE) range: 1.1.0 - 1.1.0f
References
- www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html (nvd: Patch, Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html (nvd: Patch, Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html (nvd: Patch, Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html (nvd: Patch, Third Party Advisory)
- www.securityfocus.com/bid/101666 (nvd: Third Party Advisory, VDB Entry)
- www.securitytracker.com/id/1039727 (nvd: Third Party Advisory, VDB Entry)
- access.redhat.com/errata/RHSA-2018:0998 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2018:2185 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2018:2186 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2018:2187 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2018:2568 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2018:2575 (nvd: Third Party Advisory)
- access.redhat.com/errata/RHSA-2018:2713 (nvd: Third Party Advisory)
- github.com/openssl/openssl/commit/4443cf7aa0099e5ce615c18cee249fff77fb0871 (nvd: Third Party Advisory)
- security.freebsd.org/advisories/FreeBSD-SA-17:11.openssl.asc (nvd: Third Party Advisory)
- security.gentoo.org/glsa/201712-03 (nvd: Third Party Advisory)
- security.netapp.com/advisory/ntap-20171107-0002/ (nvd: Issue Tracking, Third Party Advisory)
- security.netapp.com/advisory/ntap-20180117-0002/ (nvd: Third Party Advisory)
- support.hpe.com/hpsc/doc/public/display (nvd: Third Party Advisory)
- www.debian.org/security/2017/dsa-4017 (nvd: Issue Tracking, Third Party Advisory)
- www.debian.org/security/2017/dsa-4018 (nvd: Issue Tracking, Third Party Advisory)
- www.openssl.org/news/secadv/20171102.txt (nvd: Issue Tracking, Vendor Advisory)
- www.tenable.com/security/tns-2017-14 (nvd: Issue Tracking, Third Party Advisory)
- www.tenable.com/security/tns-2017-15 (nvd: Third Party Advisory)
- www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html (nvd)
- www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html (nvd)
- www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html (nvd)