Bug 934487 (CVE-2015-1788) - VUL-1: CVE-2015-1788: openssl,openssl1: OpenSSL: Malformed ECParameters causes infinite loop
Summary: VUL-1: CVE-2015-1788: openssl,openssl1: OpenSSL: Malformed ECParameters caus...
Status: RESOLVED FIXED
Alias: CVE-2015-1788
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Deadline: 2015-06-26
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/117587/
Whiteboard: maint:released:sle11-sp1:62060 maint:...
Keywords:
Depends on: 938432
Blocks:
  Show dependency treegraph
 
Reported: 2015-06-12 06:34 UTC by Marcus Meissner
Modified: 2022-02-16 21:19 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2015-06-12 06:34:47 UTC 
https://openssl.org/news/secadv_20150611.txt

Malformed ECParameters causes infinite loop (CVE-2015-1788)
===========================================================

Severity: Moderate

When processing an ECParameters structure OpenSSL enters an infinite loop if
the curve specified is over a specially malformed binary polynomial field.

This can be used to perform denial of service against any
system which processes public keys, certificate requests or
certificates.  This includes TLS clients and TLS servers with
client authentication enabled.

This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent
1.0.0 and 0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are
affected.

OpenSSL 1.0.2 users should upgrade to 1.0.2b
OpenSSL 1.0.1 users should upgrade to 1.0.1n
OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s
OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg

This issue was reported to OpenSSL on 6th April 2015 by Joseph Birr-Pixton. The
fix was developed by Andy Polyakov of the OpenSSL development team.
Comment 1 Marcus Meissner 2015-06-12 06:35:17 UTC 
https://jbp.io/2015/06/11/cve-2015-1788-openssl-binpoly-hang/

REPRODUCER:

$ curl https://binpoly.jbp.io:4433

or

$ openssl s_client -connect binpoly.jbp.io:4433
Comment 2 Swamp Workflow Management 2015-06-12 07:05:13 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2015-06-26.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/61984
Comment 4 Bernhard Wiedemann 2015-06-12 14:00:17 UTC 
This is an autogenerated message for OBS integration:
This bug (934487) was mentioned in
https://build.opensuse.org/request/show/311804 13.2+13.1 / openssl
Comment 8 Bernhard Wiedemann 2015-06-12 19:00:31 UTC 
This is an autogenerated message for OBS integration:
This bug (934487) was mentioned in
https://build.opensuse.org/request/show/311821 13.2+13.1 / openssl
Comment 9 Swamp Workflow Management 2015-06-12 22:00:28 UTC 
bugbot adjusting priority
Comment 16 Swamp Workflow Management 2015-06-25 09:05:56 UTC 
openSUSE-SU-2015:1139-1: An update that solves 7 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 931698,933898,933911,934487,934489,934491,934493,934494
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216,CVE-2015-4000
Sources used:
openSUSE 13.2 (src):    openssl-1.0.1k-2.24.1
openSUSE 13.1 (src):    openssl-1.0.1k-11.72.1
Comment 17 Swamp Workflow Management 2015-06-25 16:06:45 UTC 
SUSE-SU-2015:1143-1: An update that solves 7 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 926597,929678,931698,933898,933911,934487,934489,934491,934493
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216,CVE-2015-4000
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    openssl-1.0.1i-25.1
SUSE Linux Enterprise Server 12 (src):    openssl-1.0.1i-25.1
SUSE Linux Enterprise Desktop 12 (src):    openssl-1.0.1i-25.1
Comment 18 Swamp Workflow Management 2015-06-26 11:06:13 UTC 
SUSE-SU-2015:1150-1: An update that solves 7 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 879179,929678,931698,933898,933911,934487,934489,934491,934493
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216,CVE-2015-4000
Sources used:
SUSE Linux Enterprise Module for Legacy Software 12 (src):    compat-openssl098-0.9.8j-78.1
SUSE Linux Enterprise Desktop 12 (src):    compat-openssl098-0.9.8j-78.1
Comment 21 Swamp Workflow Management 2015-07-03 12:05:45 UTC 
SUSE-SU-2015:1181-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 929678,931698,934487,934489,934491
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-4000
Sources used:
SLE CLIENT TOOLS 10 for x86_64 (src):    openssl-0.9.8a-18.92.1
SLE CLIENT TOOLS 10 for s390x (src):    openssl-0.9.8a-18.92.1
SLE CLIENT TOOLS 10 (src):    openssl-0.9.8a-18.92.1
Comment 22 Swamp Workflow Management 2015-07-03 12:07:13 UTC 
SUSE-SU-2015:1182-1: An update that solves 7 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 879179,929678,931698,933898,933911,934487,934489,934491,934493
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216,CVE-2015-4000
Sources used:
SUSE Studio Onsite 1.3 (src):    openssl-0.9.8j-0.72.1
SUSE Manager 1.7 for SLE 11 SP2 (src):    openssl-0.9.8j-0.72.1
Comment 23 Swamp Workflow Management 2015-07-03 14:06:07 UTC 
SUSE-SU-2015:1184-1: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 929678,931698,933911,934487,934489,934491,934493
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216,CVE-2015-4000
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    openssl-0.9.8j-0.72.1
Comment 24 Swamp Workflow Management 2015-07-03 14:07:21 UTC 
SUSE-SU-2015:1185-1: An update that solves 7 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 929678,931698,933911,934487,934489,934491,934493,934494
CVE References: CVE-2014-8176,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-4000
Sources used:
SUSE Linux Enterprise Security Module 11 SP3 (src):    openssl1-1.0.1g-0.30.1
Comment 25 Swamp Workflow Management 2015-07-03 18:05:54 UTC 
SUSE-SU-2015:1184-2: An update that fixes 7 vulnerabilities is now available.

Category: security (important)
Bug References: 929678,931698,933911,934487,934489,934491,934493
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216,CVE-2015-4000
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    openssl-0.9.8j-0.72.1
Comment 26 Swamp Workflow Management 2015-07-03 18:07:00 UTC 
SUSE-SU-2015:1181-2: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 929678,931698,934487,934489,934491
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-4000
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    openssl-0.9.8a-18.92.1
Comment 27 Swamp Workflow Management 2015-07-03 18:08:28 UTC 
SUSE-SU-2015:1182-2: An update that solves 7 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 879179,929678,931698,933898,933911,934487,934489,934491,934493
CVE References: CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-3216,CVE-2015-4000
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    openssl-0.9.8j-0.72.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    openssl-0.9.8j-0.72.1
SUSE Linux Enterprise Server 11 SP3 (src):    openssl-0.9.8j-0.72.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    openssl-0.9.8j-0.72.1
Comment 28 Swamp Workflow Management 2015-07-22 13:10:04 UTC 
openSUSE-SU-2015:1277-1: An update that solves 16 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 912015,912018,912292,912293,912296,919648,920236,922496,922499,922500,931600,934487,934489,934491,934493,934494,937891
CVE References: CVE-2014-3570,CVE-2014-3572,CVE-2014-8176,CVE-2014-8275,CVE-2015-0205,CVE-2015-0206,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1792,CVE-2015-4000
Sources used:
openSUSE 13.2 (src):    libressl-2.2.1-2.3.1
Comment 29 Marcus Meissner 2015-08-10 07:51:07 UTC 
all released
Comment 30 Swamp Workflow Management 2022-02-16 21:19:02 UTC 
SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains 21 features and has 299 fixes is now available.

Category: feature (moderate)
Bug References: 1000080,1000117,1000194,1000677,1000742,1001148,1001912,1002585,1002895,1003091,1005246,1009528,1010874,1010966,1011936,1015549,1019637,1021641,1022085,1022086,1022271,1027079,1027610,1027688,1027705,1027908,1028281,1028723,1029523,1029902,1030038,1032118,1032119,1035604,1039469,1040164,1040256,1041090,1042392,1042670,1044095,1044107,1044175,1049186,1049304,1050653,1050665,1055478,1055542,1055825,1056058,1056951,1057496,1062237,1065363,1066242,1066873,1068790,1070737,1070738,1070853,1071905,1071906,1071941,1073310,1073845,1073879,1074247,1076519,1077096,1077230,1078329,1079761,1080301,1081005,1081750,1081751,1082155,1082163,1082318,1083826,1084117,1084157,1085276,1085529,1085661,1087102,1087104,1088573,1089039,1090427,1090765,1090953,1093518,1093917,1094788,1094814,1094883,1095267,1096738,1096937,1097158,1097531,1097624,1098535,1098592,1099308,1099569,1100078,1101246,1101470,1102868,1104789,1106197,1108508,1109882,1109998,1110435,1110869,1110871,1111493,1111622,1111657,1112209,1112357,1113534,1113652,1113742,1113975,1115769,1117951,1118611,1119376,1119416,1119792,1121717,1121852,1122191,1123064,1123185,1123186,1123558,1124885,1125815,1126283,1126318,1127080,1127173,1128146,1128323,1128355,1129071,1129566,1130840,1131291,1132174,1132323,1132455,1132663,1132900,1135009,1136444,1138666,1138715,1138746,1139915,1140255,1141168,1142899,1143033,1143454,1143893,1144506,1149686,1149792,1150003,1150190,1150250,1150895,1153830,1155815,1156677,1156694,1156908,1157104,1157354,1158809,1159235,1159538,1160163,1161557,1161770,1162224,1162367,1162743,1163978,1164310,1165439,1165578,1165730,1165823,1165960,1166139,1166758,1167008,1167501,1167732,1167746,1168480,1168973,1169489,1170175,1170863,1171368,1171561,1172226,1172908,1172928,1173226,1173356,1174009,1174091,1174514,1175729,1176116,1176129,1176134,1176232,1176256,1176257,1176258,1176259,1176262,1176389,1176785,1176977,1177120,1177127,1177559,1178168,1178341,1178670,1179491,1179562,1179630,1179805,1180125,1180781,1181126,1181324,1181944,1182066,1182211,1182244,1182264,1182331,1182333,1182379,1182963,1183059,1183374,1183858,1184505,1185588,1185706,1185748,1186738,1187045,1189521,1190781,1193357,356549,381844,394317,408865,428177,430141,431945,437293,442740,459468,489641,504687,509031,526319,590833,610223,610642,629905,637176,651003,657698,658604,670526,673071,693027,715423,720601,743787,747125,748738,749210,749213,749735,750618,751718,751946,751977,754447,754677,761500,774710,784670,784994,787526,793420,799119,802184,803004,809831,811890,822642,825221,828513,831629,832833,834601,835687,839107,84331,849377,855666,855676,856687,857203,857850,858239,867887,869945,871152,872299,873351,876282,876710,876712,876748,880891,885662,885882,889013,889363,892477,892480,895129,898917,901223,901277,901902,902364,906878,907584,908362,908372,912014,912015,912018,912292,912293,912294,912296,912460,913229,915479,917607,917759,917815,919648,920236,922448,922488,922496,922499,922500,926597,929678,929736,930189,931698,931978,933898,933911,934487,934489,934491,934493,935856,937085,937212,937492,937634,937912,939456,940608,942385,942751,943421,944204,945455,946648,947104,947357,947679,948198,952871,954256,954486,954690,957812,957813,957815,958501,961334,962291,963415,963974,964204,964472,964474,965830,967128,968046,968047,968048,968050,968265,968270,968374,968601,975875,976942,977584,977614,977615,977616,977663,978224,981848,982268,982575,983249,984323,985054,988086,990207,990392,990419,990428,991193,991877,992120,992988,992989,992992,993130,993819,993825,993968,994749,994844,994910,995075,995324,995359,995377,995959,996255,997043,997614,998190,999665,999666,999668
CVE References: CVE-2006-2937,CVE-2006-2940,CVE-2006-3738,CVE-2006-4339,CVE-2006-4343,CVE-2006-7250,CVE-2007-3108,CVE-2007-4995,CVE-2007-5135,CVE-2008-0891,CVE-2008-1672,CVE-2008-5077,CVE-2009-0590,CVE-2009-0591,CVE-2009-0789,CVE-2009-1377,CVE-2009-1378,CVE-2009-1379,CVE-2009-1386,CVE-2009-1387,CVE-2010-0740,CVE-2010-0742,CVE-2010-1633,CVE-2010-2939,CVE-2010-3864,CVE-2010-5298,CVE-2011-0014,CVE-2011-3207,CVE-2011-3210,CVE-2011-3389,CVE-2011-4108,CVE-2011-4576,CVE-2011-4577,CVE-2011-4619,CVE-2011-4944,CVE-2012-0027,CVE-2012-0050,CVE-2012-0845,CVE-2012-0884,CVE-2012-1150,CVE-2012-1165,CVE-2012-2110,CVE-2012-2686,CVE-2012-4929,CVE-2013-0166,CVE-2013-0169,CVE-2013-1752,CVE-2013-4238,CVE-2013-4314,CVE-2013-4353,CVE-2013-6449,CVE-2013-6450,CVE-2014-0012,CVE-2014-0076,CVE-2014-0160,CVE-2014-0195,CVE-2014-0198,CVE-2014-0221,CVE-2014-0224,CVE-2014-1829,CVE-2014-1830,CVE-2014-2667,CVE-2014-3470,CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-3513,CVE-2014-3566,CVE-2014-3567,CVE-2014-3568,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-4650,CVE-2014-5139,CVE-2014-7202,CVE-2014-7203,CVE-2014-8275,CVE-2014-9721,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0293,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-2296,CVE-2015-3194,CVE-2015-3195,CVE-2015-3196,CVE-2015-3197,CVE-2015-3216,CVE-2015-4000,CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800,CVE-2016-10745,CVE-2016-2105,CVE-2016-2106,CVE-2016-2107,CVE-2016-2109,CVE-2016-2176,CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306,CVE-2016-7052,CVE-2016-7055,CVE-2016-9015,CVE-2017-18342,CVE-2017-3731,CVE-2017-3732,CVE-2017-3735,CVE-2017-3736,CVE-2017-3737,CVE-2017-3738,CVE-2018-0732,CVE-2018-0734,CVE-2018-0737,CVE-2018-0739,CVE-2018-18074,CVE-2018-20060,CVE-2018-5407,CVE-2018-7750,CVE-2019-10906,CVE-2019-11236,CVE-2019-11324,CVE-2019-13132,CVE-2019-1547,CVE-2019-1551,CVE-2019-1559,CVE-2019-1563,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2019-6250,CVE-2019-8341,CVE-2019-9740,CVE-2019-9947,CVE-2020-14343,CVE-2020-15166,CVE-2020-15523,CVE-2020-15801,CVE-2020-1747,CVE-2020-1971,CVE-2020-25659,CVE-2020-26137,CVE-2020-27783,CVE-2020-28493,CVE-2020-29651,CVE-2020-36242,CVE-2020-8492,CVE-2021-23336,CVE-2021-23840,CVE-2021-23841,CVE-2021-28957,CVE-2021-29921,CVE-2021-3177,CVE-2021-33503,CVE-2021-3426,CVE-2021-3712
JIRA References: ECO-3105,SLE-11435,SLE-12684,SLE-12986,SLE-13688,SLE-14253,SLE-15159,SLE-15860,SLE-15861,SLE-16754,SLE-17532,SLE-17957,SLE-18260,SLE-18354,SLE-18446,SLE-19264,SLE-3887,SLE-4480,SLE-4577,SLE-7686,SLE-9135
Sources used:
SUSE Manager Tools 12-BETA (src):    venv-salt-minion-3002.2-3.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.