Common Vulnerabilities and Exposures assigned an identifier CVE-2009-3245 to the following vulnerability:

OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.

Upstream bug report:
http://rt.openssl.org/Ticket/Display.html?id=2111&user=guest&pass=guest

References:
http://marc.info/?l=openssl-cvs&m=126692180606861&w=2
http://marc.info/?l=openssl-cvs&m=126692159706582&w=2
http://marc.info/?l=openssl-cvs&m=126692170906712&w=2
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049
http://secunia.com/advisories/38761
A missing bn_wexpand return value check may cause a BIGNUM value to have a data buffer of an insufficient size. If called right after the creation of the BIGNUM, the data pointer will be NULL, hence leading to NULL pointer deref crashes. If bn_wexpand is used to expand / reallocate an existing BIGNUM, a failed malloc will cause d and dmax to be left unchanged. Depending on the code following bn_wexpand, this can lead to buffer over-reads or over-writes.

The first report of the missing bn_wexpand return value check was for an occurrence in crypto/bn/bn_mul.c (see upstream bug report mentioned in comment #0). Upstream commit:
http://cvs.openssl.org/chngview?cn=18936

This problem affects openssl packages in Red Hat Enterprise Linux 5. Older openssl packages in RHEL 3 and RHEL 4 are not affected.

Follow-up report adding a few more missing bn_wexpand return value checks:
http://cvs.openssl.org/chngview?cn=19309

Changes the following files:
- crypto/bn/bn_div.c
  - change is in the old and no longer used implementation (inside #if 0 block), so this is a non-issue
- crypto/bn/bn_gf2m.c
  - affected function - BN_GF2m_add - is not used in Red Hat openssl packages as they do not have support for Elliptic Curve Public-Key Crypto; this function is used by the openssl ECC code
  - affected code does not exist in openssl 0.9.7 in RHEL3 and RHEL4
  - this is exposed via libcrypto
- crypto/ec/ec2_smpl.c
  - ECC code again, not enabled in Red Hat openssl packages
- engines/e_ubsec.c
  - this code implements "UBSEC hardware engine support"
  - limited to NULL pointer deref (bn_wexpand called right after BN_new)
  - affects all openssl versions (crypto/engine/hw_ubsec.c in 0.9.7)

There are no other bn_wexpand calls missing a return value check in openssl packages in RHEL 3, 4, or 5 as well as current 1.0.0-beta5 (RHEL 6 / Rawhide).
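Added example (not code from this bug report and not OpenSSL's own implementation): a small self-contained C model of the two failure modes described in the comment above. `model_wexpand` follows the bn_wexpand contract (NULL on allocation failure, `d` and `dmax` left untouched), `fill_unchecked` drops that return value the way the affected callers did, and `fill_checked` is the fixed pattern. The type and function names, the `limb_t` limb type and the `fail_next_alloc` allocation-failure switch are all assumptions made for the demo; the instrumented `limb_store` records the writes that would have been a NULL dereference or an out-of-bounds write instead of performing them, so the buggy path can be run safely.

```c
/* Hypothetical model of the bn_wexpand pattern behind CVE-2009-3245; not OpenSSL code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef unsigned long limb_t;
typedef struct { limb_t *d; int top, dmax; } bn_model; /* d is NULL after creation, as after BN_new() */
static int fail_next_alloc = 0; /* assumed fault switch: nonzero makes the next allocation fail */

static void *model_malloc(size_t n)
{
    if (!fail_next_alloc) return malloc(n);
    fail_next_alloc = 0;
    return NULL;
}

static void bn_model_init(bn_model *a) { a->d = NULL; a->top = 0; a->dmax = 0; }
static void bn_model_free(bn_model *a) { free(a->d); bn_model_init(a); }

/* bn_wexpand contract: room for `words` limbs, NULL on failure with d and dmax left untouched. */
static bn_model *model_wexpand(bn_model *a, int words)
{
    limb_t *nd;
    if (words <= a->dmax) return a;
    if ((nd = model_malloc((size_t)words * sizeof(limb_t))) == NULL) return NULL;
    if (a->d) { memcpy(nd, a->d, (size_t)a->top * sizeof(limb_t)); free(a->d); }
    a->d = nd; a->dmax = words;
    return a;
}

/* Real code does a->d[i] = v; this store refuses the NULL deref or overflow and reports 0 instead. */
static int limb_store(bn_model *a, int i, limb_t v)
{
    if (a->d == NULL || i >= a->dmax) return 0;
    a->d[i] = v;
    return 1;
}

/* Vulnerable caller: returns how many limb writes would have faulted or overflowed. */
static int fill_unchecked(bn_model *a, int words, limb_t v)
{
    int i, bad = 0;
    model_wexpand(a, words); /* the bug: return value dropped */
    for (i = 0; i < words; i++) bad += !limb_store(a, i, v);
    if (bad == 0) a->top = words; /* real code sets top regardless, priming over-reads too */
    return bad;
}

/* Fixed caller: 1 on success, 0 on allocation failure, and a->d is never touched on failure. */
static int fill_checked(bn_model *a, int words, limb_t v)
{
    int i;
    if (model_wexpand(a, words) == NULL) return 0;
    for (i = 0; i < words; i++) a->d[i] = v;
    a->top = words;
    return 1;
}

/* Fresh bignum, allocation fails: d stays NULL, so all 4 writes would be NULL dereferences. */
static int scenario_null_deref(void)
{
    bn_model a; int bad;
    bn_model_init(&a);
    fail_next_alloc = 1;
    bad = fill_unchecked(&a, 4, 0xAAUL);
    bn_model_free(&a);
    return bad;
}

/* Bignum already holding 2 limbs, growth to 6 fails: dmax stays 2, so 4 writes land past it. */
static int scenario_overflow(void)
{
    bn_model a; int bad;
    bn_model_init(&a);
    fill_checked(&a, 2, 1UL);
    fail_next_alloc = 1;
    bad = fill_unchecked(&a, 6, 0xBBUL);
    bn_model_free(&a);
    return bad;
}

/* Same failure through the checked caller: clean error and the 2-limb value is left intact. */
static int scenario_checked(void)
{
    bn_model a; int ok, intact;
    bn_model_init(&a);
    fill_checked(&a, 2, 1UL);
    fail_next_alloc = 1;
    ok = fill_checked(&a, 6, 0xBBUL);
    intact = a.dmax == 2 && a.top == 2 && a.d[0] == 1UL && a.d[1] == 1UL;
    bn_model_free(&a);
    return ok == 0 && intact;
}

int main(void)
{
    printf("fresh bignum, alloc fails, unchecked: %d would-be NULL derefs\n", scenario_null_deref());
    printf("grown bignum, alloc fails, unchecked: %d writes past dmax\n", scenario_overflow());
    printf("grown bignum, alloc fails, checked:   %s\n", scenario_checked() ? "clean failure, value intact" : "UNEXPECTED");
    return 0;
}
```

Without the injected failure both callers behave identically, which is why this class of bug stays latent until an allocator is pushed into failing; the fix is purely to test the bn_wexpand result before the first write into `d`.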
Summary of affected versions:

openssl packages in Red Hat Enterprise Linux 5 are affected by the bn_mul.c, bn_gf2m.c (this function is only used by openssl's ECC code, which is not included in Red Hat packages) and e_ubsec.c issues.

openssl packages in Red Hat Enterprise Linux 3 and 4 are only affected by the hw_ubsec.c issue (impact is limited to a NULL pointer dereference and the flaw is hardware engine specific, so low impact on RHEL3 and RHEL4 packages).
openssl-0.9.8m-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/openssl-0.9.8m-1.fc11
This issue has been addressed in openssl packages in following products: Red Hat Enterprise Linux 5 Via RHSA-2010:0162 https://rhn.redhat.com/errata/RHSA-2010-0162.html
This issue has been addressed in openssl096b packages in following products: Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Via RHSA-2010:0173 https://rhn.redhat.com/errata/RHSA-2010-0173.html
openssl-0.9.8n-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/openssl-0.9.8n-1.fc11
As noted in comment #3, this issue has low security impact on openssl packages in Red Hat Enterprise Linux 3 and 4. Future openssl updates in those products will address this flaw. CVSSv2 score for RHEL-3 and RHEL-4 openssl: 2.6/AV:N/AC:H/Au:N/C:N/I:N/A:P
openssl-1.0.0-1.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/openssl-1.0.0-1.fc13
openssl-1.0.0-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/openssl-1.0.0-1.fc12
openssl-1.0.0-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
openssl-0.9.8n-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
openssl-1.0.0-4.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/openssl-1.0.0-4.fc12
openssl-1.0.0-4.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Virtualization for RHEL-5 Via RHSA-2010:0440 https://rhn.redhat.com/errata/RHSA-2010-0440.html
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2010:0977 https://rhn.redhat.com/errata/RHSA-2010-0977.html
This issue has been addressed in following products: JBoss Enterprise Web Server 1.0 Via RHSA-2011:0896 https://rhn.redhat.com/errata/RHSA-2011-0896.html
Statement: (none)