oss-sec mailing list archives
Re: OpenSSL Security Advisory [3rd May 2016]
From: Gsunde Orangen <gsunde.orangen () gmail com>
Date: Tue, 3 May 2016 20:17:52 +0200
Thanks, Alexander & agreed - and the "official" OpenSSL changelog confirms that AES-NI support was introduced with 1.0.1: https://www.openssl.org/news/changelog.html#x22 Changes between 1.0.0h and 1.0.1 [14 Mar 2012]: *) Extensive assembler packs updates, most notably: - x86[_64]: AES-NI, ... On 03.05.2016, 19:35 Solar Designer wrote:
On Tue, May 03, 2016 at 06:52:43PM +0200, Gsunde Orangen wrote:* Padding oracle in AES-NI CBC MAC check (CVE-2016-2107) The advisory says: "This issue was introduced as part of the fix for Lucky 13 padding attack (CVE-2013-0169)". So the following versions should be affected (ref. https://openssl.org/news/vulnerabilities.html#y2013): - 1.0.2 through 1.02g - 1.0.1d through 1.0.1s - 1.0.0k and all later versions - 0.9.8y and all later versionsYou're assuming that all versions with the fix for CVE-2013-0169 are affected, but the description also says that the new bug is in AES-NI specific code. AES-NI support appears to be missing in 1.0.0 and older. I've just tried grepping 1.0.0t for aesenc (one of the AES-NI mnemonics, present in the 1.0.1 tree) - it isn't in there. Alexander
Current thread:
- OpenSSL Security Advisory [3rd May 2016] Solar Designer (May 03)
- Re: OpenSSL Security Advisory [3rd May 2016] Gsunde Orangen (May 03)
- Re: OpenSSL Security Advisory [3rd May 2016] Solar Designer (May 03)
- Re: OpenSSL Security Advisory [3rd May 2016] Gsunde Orangen (May 03)
- Re: OpenSSL Security Advisory [3rd May 2016] Albert Veli (May 03)
- Re: OpenSSL Security Advisory [3rd May 2016] Alan J. Wylie (May 04)
- Re: OpenSSL Security Advisory [3rd May 2016] Albert Veli (May 04)
- Re: OpenSSL Security Advisory [3rd May 2016] Solar Designer (May 03)
- Re: OpenSSL Security Advisory [3rd May 2016] Gsunde Orangen (May 03)