Bug 968030 (CVE-2015-7827) - VUL-0: CVE-2015-7827: Botan: PKCS #1 v1.5 decoding was not constant time
Summary: VUL-0: CVE-2015-7827: Botan: PKCS #1 v1.5 decoding was not constant time
Status: RESOLVED FIXED
Alias: CVE-2015-7827
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/162165/
Whiteboard: CVSSv2:RedHat:CVE-2015-7827:4.0:(AV:N...
Keywords:
Depends on:
Blocks:
 
Reported: 2016-02-24 11:35 UTC by Alexander Bergmann
Modified: 2017-06-20 11:39 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2016-02-24 11:35:35 UTC 
http://botan.randombit.net/security.html

2015-10-26 (CVE-2015-7827): PKCS #1 v1.5 decoding was not constant time

During RSA decryption, how long decoding of PKCS #1 v1.5 padding took was input dependent. If these differences could be measured by an attacker, it could be used to mount a Bleichenbacher million-message attack. PKCS #1 v1.5 decoding has been rewritten to use a sequence of operations which do not contain any input-dependent indexes or jumps. Notations for checking constant time blocks with ctgrind (https://github.com/agl/ctgrind) were added to PKCS #1 decoding among other areas. Found in a review by Sirrix AG and 3curity GmbH.

Fixed in 1.11.22. Affected all previous versions.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7827
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-7827.html
Comment 1 Swamp Workflow Management 2016-02-24 23:04:00 UTC 
bugbot adjusting priority
Comment 2 Bernhard Wiedemann 2017-04-12 16:02:30 UTC 
This is an autogenerated message for OBS integration:
This bug (968030) was mentioned in
https://build.opensuse.org/request/show/487622 Factory / Botan
Comment 6 Daniel Molkentin 2017-05-08 15:18:57 UTC 
Patches submitted for SLE11 and 12. Back to security team for further handling.
Comment 8 Swamp Workflow Management 2017-05-09 16:11:28 UTC 
SUSE-SU-2017:1222-1: An update that fixes 9 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1013209,1033605,965620,965621,968025,968026,968030,974521,977420
CVE References: CVE-2014-9742,CVE-2015-5726,CVE-2015-5727,CVE-2015-7827,CVE-2016-2194,CVE-2016-2195,CVE-2016-2849,CVE-2016-9132,CVE-2017-2801
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    Botan-1.10.9-3.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    Botan-1.10.9-3.1
Comment 9 Swamp Workflow Management 2017-05-16 16:11:36 UTC 
SUSE-SU-2017:1305-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1013209,968030
CVE References: CVE-2015-7827,CVE-2016-9132
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    Botan-1.6.5-4.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    Botan-1.6.5-4.1
Comment 10 Swamp Workflow Management 2017-05-19 04:27:41 UTC 
SUSE-SU-2017:1351-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1013209,968030
CVE References: CVE-2015-7827,CVE-2016-9132
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    Botan-1.6.5-6.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    Botan-1.6.5-6.1
Comment 11 Marcus Meissner 2017-06-20 11:39:28 UTC 
released