Bug 2276360 (CVE-2024-30171)

Summary: CVE-2024-30171 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
Product: [Other] Security Response Reporter: Mauro Matteo Cascella <mcascell>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: aazores, anstephe, arnavarr, aschwart, asoldano, ataylor, avibelli, bbaranow, bgeorges, bihu, bmaxwell, boliveir, brian.stansberry, cdewolf, chazlett, chfoley, clement.escoffier, cmah, dandread, darran.lofthouse, dkreling, dosoudil, dpalmer, drichtar, eaguilar, ebaron, fjuma, fmariani, fmongiar, ggrzybek, gmalinko, gsmet, hamadhan, istudens, ivassile, iweiss, janstey, jkang, jkoops, jmartisk, jnethert, jolong, jpallich, jpoth, jross, jscholz, lgao, lthon, manderse, max.andersen, mosmerov, mposolda, msochure, mstefank, msvehla, mulliken, nwallace, olubyans, pdelbell, pdrozd, peholase, pesilva, pgallagh, pjindal, pmackay, probinso, pskopek, rkieley, rmartinc, rowaters, rruss, rstancel, rstepani, rsvoboda, sausingh, sbiarozk, sdouglas, sfroberg, smaestri, ssilvert, sthorger, swoodman, tcunning, tom.jenkinson, tqvarnst, vmuzikar, wfink, yfang
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: org.bouncycastle-bcprov-jdk18on 1.78 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Bouncy Castle Java cryptography APIs. Affected versions of the org.bouncycastle:bcprov-jdk18on package are vulnerable to Observable Timing Discrepancy via the PKCS#1 1.5 and OAEP decryption process (a.k.a. Marvin Attack). An attacker can recover cipher-texts via a side-channel attack by exploiting the Marvin security flaw. The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2276362    
Bug Blocks: 2276365    

Description Mauro Matteo Cascella 2024-04-22 09:34:31 UTC 
BouncyCastle before version 1.78 is vulnerable to timing side-channel attacks against RSA decryption (both PKCS#1v1.5 and OAEP).

References:
https://www.bouncycastle.org/releasenotes.html
https://github.com/bcgit/bc-java/issues/1528
https://people.redhat.com/~hkario/marvin/
Comment 1 Mauro Matteo Cascella 2024-04-22 09:43:28 UTC 
Created bouncycastle tracking bugs for this issue:

Affects: fedora-all [bug 2276362]
Comment 10 errata-xmlrpc 2024-07-02 16:23:52 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss AMQ

Via RHSA-2024:4271 https://access.redhat.com/errata/RHSA-2024:4271
Comment 11 errata-xmlrpc 2024-07-08 02:23:05 UTC 
This issue has been addressed in the following products:

  Cryostat 3 on RHEL 8

Via RHSA-2024:4173 https://access.redhat.com/errata/RHSA-2024:4173
Comment 12 errata-xmlrpc 2024-07-08 14:12:58 UTC 
This issue has been addressed in the following products:

  Red Hat build of Quarkus 3.8.5

Via RHSA-2024:4326 https://access.redhat.com/errata/RHSA-2024:4326
Comment 13 errata-xmlrpc 2024-07-11 12:28:15 UTC 
This issue has been addressed in the following products:

  Red Hat Build of Apache Camel 4.4 for Quarkus 3.8

Via RHSA-2024:4505 https://access.redhat.com/errata/RHSA-2024:4505
Comment 15 errata-xmlrpc 2024-07-25 19:26:28 UTC 
This issue has been addressed in the following products:

  Red Hat build of Apache Camel 4.4.1 for Spring Boot

Via RHSA-2024:4884 https://access.redhat.com/errata/RHSA-2024:4884
Comment 16 errata-xmlrpc 2024-08-08 17:22:15 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9

Via RHSA-2024:5145 https://access.redhat.com/errata/RHSA-2024:5145
Comment 17 errata-xmlrpc 2024-08-08 17:23:33 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7

Via RHSA-2024:5143 https://access.redhat.com/errata/RHSA-2024:5143
Comment 18 errata-xmlrpc 2024-08-08 17:23:57 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8

Via RHSA-2024:5144 https://access.redhat.com/errata/RHSA-2024:5144
Comment 19 errata-xmlrpc 2024-08-08 17:24:58 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:5147 https://access.redhat.com/errata/RHSA-2024:5147
Comment 20 errata-xmlrpc 2024-08-15 20:07:06 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2024:5482 https://access.redhat.com/errata/RHSA-2024:5482
Comment 21 errata-xmlrpc 2024-08-15 20:08:57 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8

Via RHSA-2024:5479 https://access.redhat.com/errata/RHSA-2024:5479
Comment 22 errata-xmlrpc 2024-08-15 20:09:17 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9

Via RHSA-2024:5481 https://access.redhat.com/errata/RHSA-2024:5481