PT-2015-3386 · Openssl+4 · Openssl+4

Hanno Böck

Published

2015-12-03

Updated

2024-06-15

CVE-2015-3193

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 1.0.2e

Description The Montgomery squaring implementation in crypto/bn/asm/x86 64-mont5.pl mishandles carry propagation and produces incorrect output, making it easier for remote attackers to obtain sensitive private-key information via an attack against use of a Diffie-Hellman (DH) or Diffie-Hellman Ephemeral (DHE) ciphersuite. This issue affects the BN mod exp function.

Recommendations For versions 1.0.2 through 1.0.2e, update to version 1.0.2e or later to resolve the issue. As a temporary workaround, consider restricting the use of Diffie-Hellman (DH) or Diffie-Hellman Ephemeral (DHE) ciphersuites until a patch is available.

Exploit

Fix

DoS

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2020-02958

CVE-2015-3193

OPENSUSE-SU-2024:10271-1

OPENSUSE-SU-2024:10529-1

OPENSUSE-SU-2024:11127-1

SUSE-SU-2019:14246-1

SUSE-SU-2019_14246-1

USN-2830-1

Affected Products

Cisco Wls

Junos

Openssl

Suse

Ubuntu

PT-2015-3386 · Openssl+4 · Openssl+4

CVE-2015-3193

Weakness Enumeration

Related Identifiers

Affected Products

References · 655