Bug 1022085 (CVE-2017-3731)

Summary: VUL-0: CVE-2017-3731: openssl: Truncated packet could crash via OOB read
Product: [Novell Products] SUSE Security Incidents Reporter: Andreas Stieger <astieger>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: astieger, meissner, vcizek
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/179215/
Whiteboard: CVSSv2:SUSE:CVE-2017-3731:4.3:(AV:N/AC:M/Au:N/C:N/I:N/A:P) maint:released:sle10-sp3:63411
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1021641    
Deadline: 2017-02-20   

Description Andreas Stieger 2017-01-26 14:18:16 UTC 
https://www.openssl.org/news/secadv/20170126.txt

Truncated packet could crash via OOB read (CVE-2017-3731)
=========================================================

Severity: Moderate

If an SSL/TLS server or client is running on a 32-bit host, and a specific
cipher is being used, then a truncated packet can cause that server or client
to perform an out-of-bounds read, usually resulting in a crash.

For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305;
users should upgrade to 1.1.0d

For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have
not disabled that algorithm should update to 1.0.2k

This issue was reported to OpenSSL on 13th November 2016 by Robert Święcki of
Google. The fix was developed by Andy Polyakov of the OpenSSL development team.
Comment 2 Andreas Stieger 2017-01-26 16:28:36 UTC 
OpenSSL 1.0.1 was the first version to contain this code.
Comment 4 Bernhard Wiedemann 2017-01-27 13:05:05 UTC 
This is an autogenerated message for OBS integration:
This bug (1022085) was mentioned in
https://build.opensuse.org/request/show/452919 Factory / openssl
Comment 14 Swamp Workflow Management 2017-02-06 16:25:12 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2017-02-20.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63397
Comment 17 Swamp Workflow Management 2017-02-09 14:10:45 UTC 
SUSE-SU-2017:0431-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
SUSE Linux Enterprise Module for Web Scripting 12 (src):    nodejs6-6.9.5-7.1
Comment 18 Swamp Workflow Management 2017-02-10 20:08:41 UTC 
SUSE-SU-2017:0441-1: An update that solves three vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 1000677,1001912,1009528,1019637,1021641,1022085,1022086,1022271
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    openssl-1.0.2j-59.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    openssl-1.0.2j-59.1
SUSE Linux Enterprise Server 12-SP2 (src):    openssl-1.0.2j-59.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    openssl-1.0.2j-59.1
Comment 19 Bernhard Wiedemann 2017-02-11 15:00:54 UTC 
This is an autogenerated message for OBS integration:
This bug (1022085) was mentioned in
https://build.opensuse.org/request/show/456393 42.1 / nodejs
Comment 20 Swamp Workflow Management 2017-02-14 20:09:54 UTC 
SUSE-SU-2017:0461-1: An update that solves four vulnerabilities and has four fixes is now available.

Category: security (moderate)
Bug References: 1000677,1001912,1004499,1005878,1019334,1021641,1022085,1022271
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    openssl-1.0.1i-54.5.1
SUSE Linux Enterprise Server 12-SP1 (src):    openssl-1.0.1i-54.5.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    openssl-1.0.1i-54.5.1
Comment 21 Swamp Workflow Management 2017-02-17 03:14:12 UTC 
openSUSE-SU-2017:0481-1: An update that solves three vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 1000677,1001912,1009528,1019637,1021641,1022085,1022086,1022271
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.2 (src):    openssl-1.0.2j-4.1
Comment 22 Swamp Workflow Management 2017-02-17 03:20:33 UTC 
openSUSE-SU-2017:0487-1: An update that solves four vulnerabilities and has four fixes is now available.

Category: security (moderate)
Bug References: 1000677,1001912,1004499,1005878,1019334,1021641,1022085,1022271
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731
Sources used:
openSUSE Leap 42.1 (src):    openssl-1.0.1i-21.1
Comment 23 Swamp Workflow Management 2017-02-17 17:24:48 UTC 
SUSE-SU-2017:0495-1: An update that solves four vulnerabilities and has 5 fixes is now available.

Category: security (moderate)
Bug References: 1000677,1001707,1001912,1004499,1005878,1019334,1021641,1022085,1022644
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731
Sources used:
SUSE Linux Enterprise Server 11-SECURITY (src):    openssl1-1.0.1g-0.57.1
Comment 24 Swamp Workflow Management 2017-02-20 23:07:40 UTC 
openSUSE-SU-2017:0527-1: An update that fixes three vulnerabilities is now available.

Category: security (moderate)
Bug References: 1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.1 (src):    nodejs-4.7.3-39.1
Comment 25 Marcus Meissner 2017-03-21 11:53:24 UTC 
released
Comment 26 Swamp Workflow Management 2017-03-29 16:14:05 UTC 
SUSE-SU-2017:0855-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1000036,1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
SUSE Linux Enterprise Module for Web Scripting 12 (src):    nodejs4-4.7.3-14.1
SUSE Enterprise Storage 4 (src):    nodejs4-4.7.3-14.1
Comment 27 Swamp Workflow Management 2017-04-05 16:20:53 UTC 
openSUSE-SU-2017:0941-1: An update that solves three vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1000036,1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.2 (src):    nodejs4-4.7.3-5.3.1
Comment 31 Swamp Workflow Management 2018-01-16 17:10:07 UTC 
SUSE-SU-2018:0112-1: An update that solves 5 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 1000677,1001502,1001912,1004499,1005878,1019334,1021641,1022085,1022271,1027908,1032261,1055825,1056058,1065363,990592
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731,CVE-2017-3735
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    openssl-1.0.1i-27.28.1
Comment 32 Swamp Workflow Management 2018-02-09 20:00:20 UTC 
This is an autogenerated message for OBS integration:
This bug (1022085) was mentioned in
https://build.opensuse.org/request/show/574808 42.3 / openssl-steam
Comment 33 Swamp Workflow Management 2018-02-16 11:08:29 UTC 
openSUSE-SU-2018:0458-1: An update that solves 16 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1001148,1009528,1019334,1022085,1022086,1022271,982268,982575,983249,984323,990207,990392,990419,990428,991193,991877,992120,993819,994749,994844,995075,995324,995359,995377,998190,999665,999666,999668
CVE References: CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306,CVE-2016-7052,CVE-2016-7055,CVE-2016-7056,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.3 (src):    openssl-steam-1.0.2k-4.3.1
Comment 35 Swamp Workflow Management 2022-02-16 20:46:40 UTC 
SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains 21 features and has 299 fixes is now available.

Category: feature (moderate)
Bug References: 1000080,1000117,1000194,1000677,1000742,1001148,1001912,1002585,1002895,1003091,1005246,1009528,1010874,1010966,1011936,1015549,1019637,1021641,1022085,1022086,1022271,1027079,1027610,1027688,1027705,1027908,1028281,1028723,1029523,1029902,1030038,1032118,1032119,1035604,1039469,1040164,1040256,1041090,1042392,1042670,1044095,1044107,1044175,1049186,1049304,1050653,1050665,1055478,1055542,1055825,1056058,1056951,1057496,1062237,1065363,1066242,1066873,1068790,1070737,1070738,1070853,1071905,1071906,1071941,1073310,1073845,1073879,1074247,1076519,1077096,1077230,1078329,1079761,1080301,1081005,1081750,1081751,1082155,1082163,1082318,1083826,1084117,1084157,1085276,1085529,1085661,1087102,1087104,1088573,1089039,1090427,1090765,1090953,1093518,1093917,1094788,1094814,1094883,1095267,1096738,1096937,1097158,1097531,1097624,1098535,1098592,1099308,1099569,1100078,1101246,1101470,1102868,1104789,1106197,1108508,1109882,1109998,1110435,1110869,1110871,1111493,1111622,1111657,1112209,1112357,1113534,1113652,1113742,1113975,1115769,1117951,1118611,1119376,1119416,1119792,1121717,1121852,1122191,1123064,1123185,1123186,1123558,1124885,1125815,1126283,1126318,1127080,1127173,1128146,1128323,1128355,1129071,1129566,1130840,1131291,1132174,1132323,1132455,1132663,1132900,1135009,1136444,1138666,1138715,1138746,1139915,1140255,1141168,1142899,1143033,1143454,1143893,1144506,1149686,1149792,1150003,1150190,1150250,1150895,1153830,1155815,1156677,1156694,1156908,1157104,1157354,1158809,1159235,1159538,1160163,1161557,1161770,1162224,1162367,1162743,1163978,1164310,1165439,1165578,1165730,1165823,1165960,1166139,1166758,1167008,1167501,1167732,1167746,1168480,1168973,1169489,1170175,1170863,1171368,1171561,1172226,1172908,1172928,1173226,1173356,1174009,1174091,1174514,1175729,1176116,1176129,1176134,1176232,1176256,1176257,1176258,1176259,1176262,1176389,1176785,1176977,1177120,1177127,1177559,1178168,1178341,1178670,1179491,1179562,1179630,1179805,1180125,1180781,1181126,1181324,1181944,1182066,1182211,1182244,1182264,1182331,1182333,1182379,1182963,1183059,1183374,1183858,1184505,1185588,1185706,1185748,1186738,1187045,1189521,1190781,1193357,356549,381844,394317,408865,428177,430141,431945,437293,442740,459468,489641,504687,509031,526319,590833,610223,610642,629905,637176,651003,657698,658604,670526,673071,693027,715423,720601,743787,747125,748738,749210,749213,749735,750618,751718,751946,751977,754447,754677,761500,774710,784670,784994,787526,793420,799119,802184,803004,809831,811890,822642,825221,828513,831629,832833,834601,835687,839107,84331,849377,855666,855676,856687,857203,857850,858239,867887,869945,871152,872299,873351,876282,876710,876712,876748,880891,885662,885882,889013,889363,892477,892480,895129,898917,901223,901277,901902,902364,906878,907584,908362,908372,912014,912015,912018,912292,912293,912294,912296,912460,913229,915479,917607,917759,917815,919648,920236,922448,922488,922496,922499,922500,926597,929678,929736,930189,931698,931978,933898,933911,934487,934489,934491,934493,935856,937085,937212,937492,937634,937912,939456,940608,942385,942751,943421,944204,945455,946648,947104,947357,947679,948198,952871,954256,954486,954690,957812,957813,957815,958501,961334,962291,963415,963974,964204,964472,964474,965830,967128,968046,968047,968048,968050,968265,968270,968374,968601,975875,976942,977584,977614,977615,977616,977663,978224,981848,982268,982575,983249,984323,985054,988086,990207,990392,990419,990428,991193,991877,992120,992988,992989,992992,993130,993819,993825,993968,994749,994844,994910,995075,995324,995359,995377,995959,996255,997043,997614,998190,999665,999666,999668
CVE References: CVE-2006-2937,CVE-2006-2940,CVE-2006-3738,CVE-2006-4339,CVE-2006-4343,CVE-2006-7250,CVE-2007-3108,CVE-2007-4995,CVE-2007-5135,CVE-2008-0891,CVE-2008-1672,CVE-2008-5077,CVE-2009-0590,CVE-2009-0591,CVE-2009-0789,CVE-2009-1377,CVE-2009-1378,CVE-2009-1379,CVE-2009-1386,CVE-2009-1387,CVE-2010-0740,CVE-2010-0742,CVE-2010-1633,CVE-2010-2939,CVE-2010-3864,CVE-2010-5298,CVE-2011-0014,CVE-2011-3207,CVE-2011-3210,CVE-2011-3389,CVE-2011-4108,CVE-2011-4576,CVE-2011-4577,CVE-2011-4619,CVE-2011-4944,CVE-2012-0027,CVE-2012-0050,CVE-2012-0845,CVE-2012-0884,CVE-2012-1150,CVE-2012-1165,CVE-2012-2110,CVE-2012-2686,CVE-2012-4929,CVE-2013-0166,CVE-2013-0169,CVE-2013-1752,CVE-2013-4238,CVE-2013-4314,CVE-2013-4353,CVE-2013-6449,CVE-2013-6450,CVE-2014-0012,CVE-2014-0076,CVE-2014-0160,CVE-2014-0195,CVE-2014-0198,CVE-2014-0221,CVE-2014-0224,CVE-2014-1829,CVE-2014-1830,CVE-2014-2667,CVE-2014-3470,CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-3513,CVE-2014-3566,CVE-2014-3567,CVE-2014-3568,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-4650,CVE-2014-5139,CVE-2014-7202,CVE-2014-7203,CVE-2014-8275,CVE-2014-9721,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0293,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-2296,CVE-2015-3194,CVE-2015-3195,CVE-2015-3196,CVE-2015-3197,CVE-2015-3216,CVE-2015-4000,CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800,CVE-2016-10745,CVE-2016-2105,CVE-2016-2106,CVE-2016-2107,CVE-2016-2109,CVE-2016-2176,CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306,CVE-2016-7052,CVE-2016-7055,CVE-2016-9015,CVE-2017-18342,CVE-2017-3731,CVE-2017-3732,CVE-2017-3735,CVE-2017-3736,CVE-2017-3737,CVE-2017-3738,CVE-2018-0732,CVE-2018-0734,CVE-2018-0737,CVE-2018-0739,CVE-2018-18074,CVE-2018-20060,CVE-2018-5407,CVE-2018-7750,CVE-2019-10906,CVE-2019-11236,CVE-2019-11324,CVE-2019-13132,CVE-2019-1547,CVE-2019-1551,CVE-2019-1559,CVE-2019-1563,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2019-6250,CVE-2019-8341,CVE-2019-9740,CVE-2019-9947,CVE-2020-14343,CVE-2020-15166,CVE-2020-15523,CVE-2020-15801,CVE-2020-1747,CVE-2020-1971,CVE-2020-25659,CVE-2020-26137,CVE-2020-27783,CVE-2020-28493,CVE-2020-29651,CVE-2020-36242,CVE-2020-8492,CVE-2021-23336,CVE-2021-23840,CVE-2021-23841,CVE-2021-28957,CVE-2021-29921,CVE-2021-3177,CVE-2021-33503,CVE-2021-3426,CVE-2021-3712
JIRA References: ECO-3105,SLE-11435,SLE-12684,SLE-12986,SLE-13688,SLE-14253,SLE-15159,SLE-15860,SLE-15861,SLE-16754,SLE-17532,SLE-17957,SLE-18260,SLE-18354,SLE-18446,SLE-19264,SLE-3887,SLE-4480,SLE-4577,SLE-7686,SLE-9135
Sources used:
SUSE Manager Tools 12-BETA (src):    venv-salt-minion-3002.2-3.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.