Bug 908029 (CVE-2012-2686) - CVE-2012-2686 openssl: DoS due to improper handling of CBC ciphersuites in TLS 1.1/1.2 on AES-NI supporting platforms
Summary: CVE-2012-2686 openssl: DoS due to improper handling of CBC ciphersuites in TL...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2012-2686
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 908032
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-02-05 17:09 UTC by Vincent Danen
Modified: 2019-09-29 13:00 UTC (History)
1 user (show)

Fixed In Version: openssl 1.0.1d
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-12-19 00:36:23 UTC


Attachments (Terms of Use)

Description Vincent Danen 2013-02-05 17:09:54 UTC
A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI (Advanced Encryption Standard New Instructions) supporting platforms [1] can be exploited in a DoS attack.

Anyone using an AES-NI platform for TLS 1.2 or TLS 1.1 on OpenSSL 1.0.1c is affected. Platforms which do not support AES-NI or versions of OpenSSL which do not implement TLS 1.2 or 1.1 (for example OpenSSL 0.9.8 and 1.0.0) are not affected.

[1] http://en.wikipedia.org/wiki/AES-NI#Supporting_CPUs


External References:

http://www.openssl.org/news/secadv_20130205.txt

Comment 1 Vincent Danen 2013-02-05 17:14:08 UTC
Statement:

Not vulnerable. This issue did not affect the versions of OpenSSL as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for TLS 1.2 or 1.1.

Comment 2 Vincent Danen 2013-02-05 17:14:52 UTC
Created openssl tracking bugs for this issue

Affects: fedora-18 [bug 908032]

Comment 3 Tomas Hoger 2013-02-06 13:28:13 UTC
Fix for this is included as part of the changeset which is one of the several changesets added to address CVE-2013-0169 in OpenSSL (bug 907589):

http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=125093b59f3c2a2d33785b5563d929d0472f1721


Note You need to log in before you can comment on or make changes to this bug.