ASA-2019-00537 – OpenSSL: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey


Allele Security Alert

ASA-2019-00537

Identifier(s)

ASA-2019-00537, CVE-2019-1563

Title

Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey

Vendor(s)

The OpenSSL Project

Product(s)

OpenSSL

Affected version(s)

OpenSSL version 1.1.1
OpenSSL version 1.1.0
OpenSSL version 1.0.2

Fixed version(s)

OpenSSL version 1.1.1d
OpenSSL version 1.1.0l
OpenSSL version 1.0.2t

Proof of concept

Unknown

Description

In situations where an attacker receives automated notification of the success or failure of a decryption attempt, the attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they pass a certificate together with the private RSA key to the CMS_decrypt() or PKCS7_decrypt() functions, so that the certificate selects the correct recipient info to decrypt.

Technical details

Unknown

Credits

Bernd Edlinger

Reference(s)

Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563)
https://www.openssl.org/news/secadv/20190910.txt

Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=08229ad838c50f644d7e928e2eef147b4308ad64

Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=631f94db0065c78181ca9ba5546ebc8bb3884b97

Fix a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e21f8cf78a125cd3c8c0d1a1a6c8bb0b901f893f

CVE-2019-1563 - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2019-1563

CVE-2019-1563 in Ubuntu
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1563.html

CVE-2019-1563 | SUSE
https://www.suse.com/security/cve/CVE-2019-1563

CVE-2019-1563
https://security-tracker.debian.org/tracker/CVE-2019-1563

CVE-2019-1563
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1563

CVE-2019-1563
https://nvd.nist.gov/vuln/detail/CVE-2019-1563

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: December 6, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.