Bug 1238619 (CVE-2015-1793) - CVE-2015-1793 openssl: alternative chains certificate forgery
Summary: CVE-2015-1793 openssl: alternative chains certificate forgery
Alias: CVE-2015-1793
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1241544
Blocks: 1238620
TreeView+ depends on / blocked
Reported: 2015-07-02 09:52 UTC by Huzaifa S. Sidhpurwala
Modified: 2023-05-12 21:06 UTC (History)
7 users (show)

Fixed In Version: openssl 1.0.1p, openssl 1.0.2d
Doc Type: Bug Fix
Doc Text:
A flaw was found in the way OpenSSL verified alternative certificate chains. An attacker able to supply a certificate chain to an SSL/TLS or DTLS client or an SSL/TLS or DTLS server using client authentication could use this flaw to bypass certain checks in the verification process, possibly allowing them to use one of the certificates in the supplied certificate chain as a CA certificate to generate an invalid certificate.
Clone Of:
Last Closed: 2015-07-13 09:02:26 UTC

Attachments (Terms of Use)
Main patch (1.46 KB, patch)
2015-07-02 09:54 UTC, Huzaifa S. Sidhpurwala
no flags Details | Diff
Followup patch 1 (5.75 KB, patch)
2015-07-02 09:55 UTC, Huzaifa S. Sidhpurwala
no flags Details | Diff
Followup patch 2 (1.13 KB, patch)
2015-07-02 09:55 UTC, Huzaifa S. Sidhpurwala
no flags Details | Diff

Description Huzaifa S. Sidhpurwala 2015-07-02 09:52:37 UTC
The following was reported by OpenSSL upstream:

During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and "issue" an invalid certificate.

This issue will impact any application that verifies certificates including SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.

OpenSSL 1.0.2b/1.0.2c users should upgrade to 1.0.2d
OpenSSL 1.0.1n/1.0.1o users should upgrade to 1.0.1p

This issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David Benjamin (Google/BoringSSL). The fix was developed by the BoringSSL project.

Comment 1 Huzaifa S. Sidhpurwala 2015-07-02 09:54:32 UTC
Created attachment 1045431 [details]
Main patch

Comment 2 Huzaifa S. Sidhpurwala 2015-07-02 09:55:02 UTC
Created attachment 1045432 [details]
Followup patch 1

Comment 3 Huzaifa S. Sidhpurwala 2015-07-02 09:55:29 UTC
Created attachment 1045433 [details]
Followup patch 2

Comment 4 Huzaifa S. Sidhpurwala 2015-07-02 09:56:11 UTC

Not vulnerable. This issue does not affect any version of the OpenSSL package as shipped with Red Hat Enterprise Linux 4, 5, 6 and 7, JBoss Enterprise Application Platform 6, Red Hat JBoss Enterprise Web Server 1 and 2, and Red Hat JBoss Web Server 3 because they did not include support for alternative certificate chains.

Comment 5 Huzaifa S. Sidhpurwala 2015-07-06 04:09:55 UTC

Red Hat would like to thank OpenSSL upstream for reporting this issue. Upstream acknowledges Adam Langley of Google and David Benjamin of BoringSSL as the original reporters.

Comment 7 Martin Prpič 2015-07-09 12:49:28 UTC
External References:


Comment 8 Martin Prpič 2015-07-09 12:52:41 UTC
Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1241544]

Comment 9 Martin Prpič 2015-07-09 13:21:13 UTC
FeedHenry advisory covering impact on multi-tenant SaaS offerings:


Comment 10 Mark J. Cox 2015-07-09 13:22:36 UTC
Note, for clarity, the first affected upstream versions 1.0.1n and 1.0.2b were released on June 11th 2015.

Comment 12 Tomas Hoger 2015-07-09 13:44:20 UTC
Current Fedora versions are affected, as the alternative chain handling code was backported to F21 and F22:


Note You need to log in before you can comment on or make changes to this bug.