CVE-2017-3732

Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 1.0.2k OpenSSL versions 1.1.0 through 1.1.0d MySQL Server version 5.6.35 and earlier MySQL Server version 5.7.17 and earlier

Description The issue is related to a carry propagating bug in the x86 64 Montgomery squaring procedure in OpenSSL. This bug can be exploited by a remote attacker to gain unauthorized access to sensitive private key information. Although attacks against RSA and DSA are considered very difficult to perform, attacks against DH are thought to be feasible, albeit requiring significant resources. The exploitation would require online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key shared between multiple clients.

Recommendations For OpenSSL versions 1.0.2 through 1.0.2k, update to version 1.0.2k or later. For OpenSSL versions 1.1.0 through 1.1.0d, update to version 1.1.0d or later. For MySQL Server version 5.6.35 and earlier, update to a version later than 5.6.35. For MySQL Server version 5.7.17 and earlier, update to a version later than 5.7.17. As a temporary workaround, consider restricting access to the Montgomery squaring procedure until a patch is available. Additionally, avoid using DH parameters with a private key shared between multiple clients to minimize the risk of exploitation.