Bug 1393920 – CVE-2016-7054 openssl: Corrupting larger payloads when using ChaCha20/Poly1305 ciphersuites leads to DoS

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1393920 - (CVE-2016-7054) CVE-2016-7054 openssl: Corrupting larger payloads when using ChaCha20/Poly1305 ciphersuites leads to DoS

Summary:	CVE-2016-7054 openssl: Corrupting larger payloads when using ChaCha20/Poly130...

Status:	CLOSED NOTABUG

Aliases:	CVE-2016-7054

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	high Severity high
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=important,public=20161110,repo...
Keywords:	Security

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2016-11-10 11:02 EST by Adam Mariš
Modified:	2017-01-05 06:08 EST (History)
CC List:	30 users (show)

See Also:
Fixed In Version:	openssl 1.1.0c
Doc Type:	If docs needed, set a value
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2016-11-10 11:03:21 EST
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Adam Mariš 2016-11-10 11:02:19 EST

Quoting form the OpenSSL upstream advisory:

ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
======================================================

Severity: High

TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS
attack by corrupting larger payloads. This can result in an OpenSSL crash. This
issue is not considered to be exploitable beyond a DoS.

OpenSSL 1.1.0 users should upgrade to 1.1.0c

This issue does not affect OpenSSL versions prior to 1.1.0

This issue was reported to OpenSSL on 25th September 2016 by Robert
Święcki (Google Security Team), and was found using honggfuzz. The fix
was developed by Richard Levitte of the OpenSSL development team.

External References:

https://www.openssl.org/news/secadv/20161110.txt

Comment 1 Adam Mariš 2016-11-10 11:02:44 EST

Acknowledgments:

Name: the OpenSSL project
Upstream: Robert Święcki (Google Security Team)

Comment 2 Mark J. Cox 2017-01-05 06:08:47 EST

additional reference

https://www.silverf0x00.com/overview-of-mac-algorithms-fuzzing-tls-and-finally-exploiting-cve-2016-7054-part-1/

Note You need to log in before you can comment on or make changes to this bug.

bbaranow
bmaxwell
cdewolf
csutherl
dandread
darran.lofthouse
dosoudil
erik-fedora
gzaronik
jawilson
jclere
ktietz
lersek
lgao
marcandre.lureau
mbabacek
mjc
myarboro
pgier
psakar
pslavice
redhat-bugzilla
rjones
rnetuka
rsvoboda
sardella
tmraz
twalsh
vtunka
weli