Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-1559
HistoryFeb 26, 2019 - 12:00 a.m.

CVE-2019-1559

2019-02-2600:00:00
ubuntu.com
ubuntu.com
26

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.01

Percentile

83.8%

If an application encounters a fatal protocol error and then calls
SSL_shutdown() twice (once to send a close_notify, and once to receive one)
then OpenSSL can respond differently to the calling application if a 0 byte
record is received with invalid padding compared to if a 0 byte record is
received with an invalid MAC. If the application then behaves differently
based on that in a way that is detectable to the remote peer, then this
amounts to a padding oracle that could be used to decrypt data. In order
for this to be exploitable “non-stitched” ciphersuites must be in use.
Stitched ciphersuites are optimised implementations of certain commonly
used ciphersuites. Also the application must call SSL_shutdown() twice even
if a protocol error has occurred (applications should not do this but some
do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).

Notes

Author Note
mdeslaur doesn’t affect 1.1.x this fix is a workaround for applications that call SSL_shutdown() twice even if a protocol error has occurred upstream fix uses error handling mechanism introduced in 1.0.2, which isn’t available in 1.0.1f. While we are unlikely to fix this issue in Ubuntu 14.04 LTS, marking as deferred for now in case the vulnerable applications are identified.
OSVersionArchitecturePackageVersionFilename
ubuntu14.04noarchopenssl< 1.0.1f-1ubuntu2.27+esm1UNKNOWN
ubuntu16.04noarchopenssl< 1.0.2g-1ubuntu4.15UNKNOWN
ubuntu18.04noarchopenssl1.0< 1.0.2n-1ubuntu5.3UNKNOWN
ubuntu18.10noarchopenssl1.0< 1.0.2n-1ubuntu6.2UNKNOWN

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.01

Percentile

83.8%