PT-2016-1332 · Oracle+11 · MySQL Server+11
Adam Langley · Published 2016-02-22 · Updated 2025-09-29 · CVE-2016-0705
CVSS v2.0: 10 (Critical)
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
OpenSSL versions 1.0.1 through 1.0.1s
OpenSSL versions 1.0.2 through 1.0.2g
MySQL Server versions 5.6.29 and earlier
MySQL Server versions 5.7.11 and earlier
Description
A double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.
Additionally, a side-channel attack was found which makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA keys.
A vulnerability in the MySQL Server component of Oracle MySQL allows high privileged attackers with network access via multiple protocols to compromise MySQL Server, resulting in unauthorized ability to cause a hang or frequently repeatable crash of MySQL Server.
Recommendations
For OpenSSL versions 1.0.1 through 1.0.1s, update to version 1.0.1s or later to resolve the issue.
For OpenSSL versions 1.0.2 through 1.0.2g, update to version 1.0.2g or later to resolve the issue.
For MySQL Server versions 5.6.29 and earlier, update to version 5.6.30 or later to resolve the issue.
For MySQL Server versions 5.7.11 and earlier, update to version 5.7.12 or later to resolve the issue.
As a temporary workaround, consider restricting access to the dsa_priv_decode function in OpenSSL until a patch is available.
Avoid using the dsa_priv_decode function in OpenSSL until the issue is resolved.
Exploit
Fix
Double Free
Weakness Enumeration
Related Identifiers
Affected Products
ALT Linux
CentOS
Cisco ASA
Cisco Nexus
FreeBSD
IBM AIX
Junos
MySQL Server
OpenSSL
Red Hat
SUSE
Ubuntu