diff options
author | Jack Lloyd <jack@randombit.net> | 2016-11-23 12:46:45 -0500 |
---|---|---|
committer | Jack Lloyd <jack@randombit.net> | 2016-11-27 16:49:17 -0500 |
commit | 06a93345fb715dfaefbdb5774ec66eff46fdfaa3 (patch) | |
tree | 71b10f2c036d54b470c283168b50466bcdec5045 /doc/security.rst | |
parent | f11d1bf525d1c77514bac61b309bd604c92acbfd (diff) |
Check for overflow in BER decoder EOC scanning
Diffstat (limited to 'doc/security.rst')
-rw-r--r-- | doc/security.rst | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/doc/security.rst b/doc/security.rst index faefca7d5..151c279f6 100644 --- a/doc/security.rst +++ b/doc/security.rst @@ -21,7 +21,16 @@ Advisories 2016 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -* 2016-10-8871 (CVE-2016-8871) OAEP side channel +* 2016-11-27 (CVE-2016-xxxx) Integer overflow in BER decoder + + While decoding BER length fields, an integer overflow could occur. This could + occur while parsing untrusted inputs such as X.509 certificates. The overflow + does not seem to lead to any obviously exploitable condition, but exploitation + cannot be positively ruled out. Only 32-bit platforms are likely affected; to + cause an overflow on 64-bit the parsed data would have to be many gigabytes. + Bug found by Falko Strenzke, cryptosource GmbH. + +* 2016-10-26 (CVE-2016-8871) OAEP side channel A side channel in OAEP decoding could be used to distinguish RSA ciphertexts that did or did not have a leading 0 byte. For an attacker capable of |