CVE-2017-3738
openssl: rsaz_1024_mul_avx2 overflow bug on x86_64
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). Note: The impact from this issue is similar to CVE-2017-3736, CVE-2017-3732 and CVE-2015-3193. OpenSSL version 1.0.2-1.0.2m and 1.1.0-1.1.0g are affected. Fixed in OpenSSL 1.0.2n. Due to the low severity of this issue we are not issuing a new release of OpenSSL 1.1.0 at this time. The fix will be included in OpenSSL 1.1.0h when it becomes available. The fix is also available in commit e502cc86d in the OpenSSL git repository.
Existe un error de desbordamiento en el procedimiento de multiplicación AVX2 Montgomery empleado en la exponenciación con módulos de 1024 bits. Los algoritmos EC no se han visto afectados. Los análisis sugieren que los ataques contra RSA y DSA como resultado de este defecto serían muy difíciles de realizar y se cree que son improbables. Los ataques contra DH102 se consideran solo posibles, ya que la mayor parte del trabajo necesario para deducir información sobre una clave privada puede realizarse sin conexión. La cantidad de recursos necesarios para realizar tal ataque sería significativa. Sin embargo, para que un ataque sobre TLS sea significativo, el servidor tendría que compartir la clave privada DH1024 entre múltiples clientes, lo que ya no es una opción desde CVE-2016-0701. Esto solo afecta a procesadores compatibles con la extensión AVX2, pero no la ADX, como Intel Haswell (cuarta generación). Nota: El impacto de este problema es similar a CVE-2017-3736, CVE-2017-3732 y CVE-2015-3193. Se han visto afectadas las versiones 1.0.2-1.0.2m y 1.1.0-1.1.0g de OpenSSL. Se ha solucionado en OpenSSL 1.0.2n. Debido a la baja gravedad de este problema, no se va a lanzar una nueva versión de OpenSSL 1.1.0 en este momento. La corrección se aplicará en OpenSSL 1.1.0h cuando esté disponible. La corrección también estará disponible en el commit con ID e502cc86d en el repositorio Git de OpenSSL.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-12-16 CVE Reserved
- 2017-12-07 CVE Published
- 2024-03-12 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-190: Integer Overflow or Wraparound
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (29)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/102118 | Third Party Advisory | |
http://www.securitytracker.com/id/1039978 | Third Party Advisory | |
https://security.netapp.com/advisory/ntap-20171208-0001 | Third Party Advisory | |
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03881en_us | Third Party Advisory | |
https://www.tenable.com/security/tns-2017-16 | Third Party Advisory | |
https://www.tenable.com/security/tns-2018-04 | Third Party Advisory | |
https://www.tenable.com/security/tns-2018-06 | Third Party Advisory | |
https://www.tenable.com/security/tns-2018-07 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:0998 | 2022-08-19 | |
https://access.redhat.com/errata/RHSA-2018:2185 | 2022-08-19 | |
https://access.redhat.com/errata/RHSA-2018:2186 | 2022-08-19 | |
https://access.redhat.com/errata/RHSA-2018:2187 | 2022-08-19 | |
https://nodejs.org/en/blog/vulnerability/december-2017-security-releases | 2022-08-19 | |
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.asc | 2022-08-19 | |
https://security.gentoo.org/glsa/201712-03 | 2022-08-19 | |
https://www.debian.org/security/2017/dsa-4065 | 2022-08-19 | |
https://www.debian.org/security/2018/dsa-4157 | 2022-08-19 | |
https://www.openssl.org/news/secadv/20171207.txt | 2022-08-19 | |
https://www.openssl.org/news/secadv/20180327.txt | 2022-08-19 | |
https://access.redhat.com/security/cve/CVE-2017-3738 | 2018-07-12 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1523510 | 2018-07-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2 Search vendor "Openssl" for product "Openssl" and version "1.0.2" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2 Search vendor "Openssl" for product "Openssl" and version "1.0.2" | beta1 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2 Search vendor "Openssl" for product "Openssl" and version "1.0.2" | beta2 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2 Search vendor "Openssl" for product "Openssl" and version "1.0.2" | beta3 |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2a Search vendor "Openssl" for product "Openssl" and version "1.0.2a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2b Search vendor "Openssl" for product "Openssl" and version "1.0.2b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2c Search vendor "Openssl" for product "Openssl" and version "1.0.2c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2d Search vendor "Openssl" for product "Openssl" and version "1.0.2d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2e Search vendor "Openssl" for product "Openssl" and version "1.0.2e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2f Search vendor "Openssl" for product "Openssl" and version "1.0.2f" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2g Search vendor "Openssl" for product "Openssl" and version "1.0.2g" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2h Search vendor "Openssl" for product "Openssl" and version "1.0.2h" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2i Search vendor "Openssl" for product "Openssl" and version "1.0.2i" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2j Search vendor "Openssl" for product "Openssl" and version "1.0.2j" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2k Search vendor "Openssl" for product "Openssl" and version "1.0.2k" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2l Search vendor "Openssl" for product "Openssl" and version "1.0.2l" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.0.2m Search vendor "Openssl" for product "Openssl" and version "1.0.2m" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0 Search vendor "Openssl" for product "Openssl" and version "1.1.0" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0a Search vendor "Openssl" for product "Openssl" and version "1.1.0a" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0b Search vendor "Openssl" for product "Openssl" and version "1.1.0b" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0c Search vendor "Openssl" for product "Openssl" and version "1.1.0c" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0d Search vendor "Openssl" for product "Openssl" and version "1.1.0d" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0e Search vendor "Openssl" for product "Openssl" and version "1.1.0e" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0f Search vendor "Openssl" for product "Openssl" and version "1.1.0f" | - |
Affected
| ||||||
Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.0g Search vendor "Openssl" for product "Openssl" and version "1.1.0g" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 4.0.0 <= 4.1.2 Search vendor "Nodejs" for product "Node.js" and version " >= 4.0.0 <= 4.1.2" | - |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 4.2.0 < 4.8.7 Search vendor "Nodejs" for product "Node.js" and version " >= 4.2.0 < 4.8.7" | lts |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 6.0.0 <= 6.8.1 Search vendor "Nodejs" for product "Node.js" and version " >= 6.0.0 <= 6.8.1" | - |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 6.9.0 < 6.12.2 Search vendor "Nodejs" for product "Node.js" and version " >= 6.9.0 < 6.12.2" | lts |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 8.0.0 <= 8.8.1 Search vendor "Nodejs" for product "Node.js" and version " >= 8.0.0 <= 8.8.1" | - |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 8.9.0 < 8.9.3 Search vendor "Nodejs" for product "Node.js" and version " >= 8.9.0 < 8.9.3" | lts |
Affected
| ||||||
Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 9.0.0 < 9.2.1 Search vendor "Nodejs" for product "Node.js" and version " >= 9.0.0 < 9.2.1" | - |
Affected
|