Bug 1331563 (CVE-2016-2176) - CVE-2016-2176 openssl: EBCDIC overread in X509_NAME_oneline()
Summary: CVE-2016-2176 openssl: EBCDIC overread in X509_NAME_oneline()
Status: CLOSED NOTABUG
Alias: CVE-2016-2176
Product: Security Response
Classification: Other
Component: vulnerability   
(Show other bugs)
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=low,public=20160503,reported=2...
Keywords: Security
Depends On:
Blocks: 1330106
TreeView+ depends on / blocked
 
Reported: 2016-04-28 19:41 UTC by Tomas Hoger
Modified: 2016-05-08 16:57 UTC (History)
3 users (show)

Fixed In Version: openssl 1.0.1t, openssl 1.0.2h
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-04-28 19:45:14 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
OpenSSL upstream fix (10.98 KB, patch)
2016-04-28 19:43 UTC, Tomas Hoger
no flags Details | Diff

Description Tomas Hoger 2016-04-28 19:41:14 UTC
Quoting form the draft of OpenSSL upstream advisory:

EBCDIC overread (CVE-2016-2176)
===============================

Severity: Low

ASN1 Strings that are over 1024 bytes can cause an overread in applications
using the X509_NAME_oneline() function on EBCDIC systems. This could result in
arbitrary stack data being returned in the buffer.

OpenSSL 1.0.2 users should upgrade to 1.0.2h
OpenSSL 1.0.1 users should upgrade to 1.0.1t

This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The
fix was developed by Matt Caswell of the OpenSSL development team.

Comment 1 Tomas Hoger 2016-04-28 19:41:24 UTC
Acknowledgments:

Name: the OpenSSL project
Upstream: Guido Vranken

Comment 2 Tomas Hoger 2016-04-28 19:43 UTC
Created attachment 1152051 [details]
OpenSSL upstream fix

Comment 3 Tomas Hoger 2016-04-28 19:45:14 UTC
OpenSSL packages distributed by Red Hat do not enable EBCDIC support and are therefore unaffected by this issue.

Comment 4 Martin Prpič 2016-05-03 14:19:39 UTC
External References:

https://openssl.org/news/secadv/20160503.txt


Note You need to log in before you can comment on or make changes to this bug.