Bug 1331563 (CVE-2016-2176) - CVE-2016-2176 openssl: EBCDIC overread in X509_NAME_oneline()
Summary: CVE-2016-2176 openssl: EBCDIC overread in X509_NAME_oneline()
Alias: CVE-2016-2176
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On:
Blocks: 1330106
TreeView+ depends on / blocked
Reported: 2016-04-28 19:41 UTC by Tomas Hoger
Modified: 2021-02-17 03:57 UTC (History)
3 users (show)

Fixed In Version: openssl 1.0.1t, openssl 1.0.2h
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2016-04-28 19:45:14 UTC

Attachments (Terms of Use)
OpenSSL upstream fix (10.98 KB, patch)
2016-04-28 19:43 UTC, Tomas Hoger
no flags Details | Diff

Description Tomas Hoger 2016-04-28 19:41:14 UTC
Quoting form the draft of OpenSSL upstream advisory:

EBCDIC overread (CVE-2016-2176)

Severity: Low

ASN1 Strings that are over 1024 bytes can cause an overread in applications
using the X509_NAME_oneline() function on EBCDIC systems. This could result in
arbitrary stack data being returned in the buffer.

OpenSSL 1.0.2 users should upgrade to 1.0.2h
OpenSSL 1.0.1 users should upgrade to 1.0.1t

This issue was reported to OpenSSL on 5th March 2016 by Guido Vranken. The
fix was developed by Matt Caswell of the OpenSSL development team.

Comment 1 Tomas Hoger 2016-04-28 19:41:24 UTC

Name: the OpenSSL project
Upstream: Guido Vranken

Comment 2 Tomas Hoger 2016-04-28 19:43:07 UTC
Created attachment 1152051 [details]
OpenSSL upstream fix

Comment 3 Tomas Hoger 2016-04-28 19:45:14 UTC
OpenSSL packages distributed by Red Hat do not enable EBCDIC support and are therefore unaffected by this issue.

Comment 4 Martin Prpič 2016-05-03 14:19:39 UTC
External References:


Note You need to log in before you can comment on or make changes to this bug.