CVE-2019-1551

2019-12-0600:00:00

ubuntu.com

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

59.3%

JSON

There is an overflow bug in the x64_64 Montgomery squaring procedure used
in exponentiation with 512-bit moduli. No EC algorithms are affected.
Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536,
and DSA1024 as a result of this defect would be very difficult to perform
and are not believed likely. Attacks against DH512 are considered just
feasible. However, for an attack the target would have to re-use the DH512
private key, which is not recommended anyway. Also applications directly
using the low level API BN_mod_exp may be affected if they use
BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in
OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).

Notes

Author	Note
mdeslaur	affected file isn’t built in edk2

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchopenssl< 1.1.1-1ubuntu2.1~18.04.6UNKNOWN
ubuntu19.10noarchopenssl< 1.1.1c-1ubuntu4.1UNKNOWN
ubuntu20.04noarchopenssl< 1.1.1f-1ubuntu1UNKNOWN
ubuntu16.04noarchopenssl< 1.0.2g-1ubuntu4.16UNKNOWN
ubuntu18.04noarchopenssl1.0< 1.0.2n-1ubuntu5.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	openssl	< 1.1.1-1ubuntu2.1~18.04.6	UNKNOWN
ubuntu	19.10	noarch	openssl	< 1.1.1c-1ubuntu4.1	UNKNOWN
ubuntu	20.04	noarch	openssl	< 1.1.1f-1ubuntu1	UNKNOWN
ubuntu	16.04	noarch	openssl	< 1.0.2g-1ubuntu4.16	UNKNOWN
ubuntu	18.04	noarch	openssl1.0	< 1.0.2n-1ubuntu5.4	UNKNOWN