A vulnerability was found in the Bouncy Castle implementation that allows an invalid curve attack to be performed. The attack allows private keys used in elliptic curve cryptography to be extracted with a few thousand queries.
Upstream patches:
https://github.com/bcgit/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83
https://github.com/bcgit/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04
CVE assignment: http://seclists.org/oss-sec/2015/q4/131
Detailed info about the attack: http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html
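The standard defence against an invalid curve attack is to check that a peer-supplied point satisfies the curve equation before it is used in scalar multiplication. The sketch below is an added example, not Bouncy Castle code and not the upstream patch; it uses only JDK classes, and the class name `PointValidation` and method `isValidPublicPoint` are hypothetical.

```java
import java.math.BigInteger;
import java.security.spec.ECFieldFp;
import java.security.spec.ECPoint;
import java.security.spec.EllipticCurve;

public class PointValidation {
    // NIST P-256 domain parameters (public constants).
    static final BigInteger P = new BigInteger(
        "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", 16);
    static final BigInteger A = P.subtract(BigInteger.valueOf(3));
    static final BigInteger B = new BigInteger(
        "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", 16);
    static final BigInteger GX = new BigInteger(
        "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", 16);
    static final BigInteger GY = new BigInteger(
        "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", 16);
    static final EllipticCurve CURVE = new EllipticCurve(new ECFieldFp(P), A, B);

    // Hypothetical helper: true only if q is a finite point on the given prime-field curve.
    static boolean isValidPublicPoint(ECPoint q, EllipticCurve curve) {
        if (q == null || ECPoint.POINT_INFINITY.equals(q)) {
            return false; // the point at infinity is never a valid public key
        }
        if (!(curve.getField() instanceof ECFieldFp)) {
            throw new IllegalArgumentException("only prime-field curves handled here");
        }
        BigInteger p = ((ECFieldFp) curve.getField()).getP();
        BigInteger x = q.getAffineX();
        BigInteger y = q.getAffineY();
        // Coordinates must be reduced field elements in [0, p-1].
        if (x.signum() < 0 || x.compareTo(p) >= 0 || y.signum() < 0 || y.compareTo(p) >= 0) {
            return false;
        }
        // Curve equation y^2 = x^3 + a*x + b (mod p), with the right side as ((x^2 + a)*x + b).
        BigInteger lhs = y.multiply(y).mod(p);
        BigInteger rhs = x.multiply(x).add(curve.getA()).multiply(x).add(curve.getB()).mod(p);
        return lhs.equals(rhs);
    }

    public static void main(String[] args) {
        ECPoint onCurve = new ECPoint(GX, GY);                       // P-256 base point
        ECPoint offCurve = new ECPoint(GX, GY.add(BigInteger.ONE));  // constructed invalid input
        System.out.println("base point accepted:     " + isValidPublicPoint(onCurve, CURVE));
        System.out.println("modified point accepted: " + isValidPublicPoint(offCurve, CURVE));
    }
}
```

P-256 has cofactor 1, so the on-curve check is sufficient there; curves with a larger cofactor also need a subgroup-membership check.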
Seems affected only in Fedora 21 and 22 (1.50). For Fedora 23 and 24 use bouncycastle 1.52.
Subscription Asset Manager and Satellite 6 both use Candlepin, which in turn uses Bouncy Castle for X.509 certificate handling. As such they are not really vulnerable to attack, so changing to WONTFIX.
Created bouncycastle tracking bugs for this issue:
Affects: fedora-all [bug 1277404]
Affects: epel-all [bug 1277405]
bouncycastle-1.50-8.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Version 6.3 of Red Hat JBoss A-MQ and Red Hat JBoss Fuse will upgrade JClouds and Bouncy Castle to a non-affected version, 1.54.
This issue has been addressed in the following products: Red Hat JBoss A-MQ 6.3 Via RHSA-2016:2036 https://rhn.redhat.com/errata/RHSA-2016-2036.html
This issue has been addressed in the following products: Red Hat JBoss Fuse 6.3 Via RHSA-2016:2035 https://rhn.redhat.com/errata/RHSA-2016-2035.html