Bugzilla – Bug 1022085
VUL-0: CVE-2017-3731: openssl: Truncated packet could crash via OOB read
Last modified: 2022-02-16 20:46:40 UTC
https://www.openssl.org/news/secadv/20170126.txt

Truncated packet could crash via OOB read (CVE-2017-3731)
=========================================================

Severity: Moderate

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash.

For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d

For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k

This issue was reported to OpenSSL on 13th November 2016 by Robert Święcki of Google. The fix was developed by Andy Polyakov of the OpenSSL development team.
master:
https://git.openssl.org/?p=openssl.git;a=commit;h=8e20499629b6bcf868d0072c7011e590b5c2294d
https://git.openssl.org/?p=openssl.git;a=commit;h=2198b3a55de681e1f3c23edb0586afe13f438051

1.0.2k:
https://git.openssl.org/?p=openssl.git;a=commit;h=51d009043670a627d6abe66894126851cf3690e9

1.1.0d:
https://git.openssl.org/?p=openssl.git;a=commit;h=00d965474b22b54e4275232bc71ee0c699c5cd21
https://git.openssl.org/?p=openssl.git;a=commit;h=f3a7e57c92b2c9b87dc4b2997f2ebda6781300d0

32 bit: not updating for SLE 12 which is 64 bit only.
OpenSSL 1.0.1 was the first version to contain this code.
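Added example, not part of the bug's comments or of OpenSSL: a triage helper that combines the three conditions the advisory names (32-bit host, affected series below the fixed letter release, trigger cipher enabled). The function names and status strings are made up for this sketch, and matching the cipher by substring of the suite name is an assumption.

```python
import re
import ssl
import struct

# Upstream fixed release letter and trigger cipher per series, from the advisory.
FIXED = {"1.1.0": "d", "1.0.2": "k"}
TRIGGER = {"1.1.0": "CHACHA20-POLY1305", "1.0.2": "RC4-MD5"}


def parse_version(banner):
    """Split a banner such as 'OpenSSL 1.0.2j  26 Sep 2016' into ('1.0.2', 'j')."""
    m = re.search(r"(\d+\.\d+\.\d+)([a-z]*)", banner)
    if not m:
        raise ValueError("no OpenSSL version in %r" % banner)
    return m.group(1), m.group(2)


def assess(banner, pointer_bits, cipher_names):
    """Return (status, reason) for CVE-2017-3731 on one host/library combination."""
    base, letter = parse_version(banner)
    if pointer_bits != 32:
        return "not-exposed", "the advisory limits the crash to 32-bit hosts"
    if base not in FIXED:
        # Includes 1.0.1, which the bug says carries the code but has no
        # upstream fixed release named on the page.
        return "check-vendor", "series %s has no fixed release in the advisory" % base
    # Letters sort a..z, then za, zb, ...: compare by length first.
    if (len(letter), letter) >= (len(FIXED[base]), FIXED[base]):
        return "fixed-upstream", "%s%s is at or past %s%s" % (base, letter, base, FIXED[base])
    hits = sorted(c for c in cipher_names if TRIGGER[base] in c)
    if not hits:
        return "mitigated", "%s is not enabled" % TRIGGER[base]
    # A distro build can report an old letter yet carry the backported fix.
    return "likely-exposed", "enabled: " + ", ".join(hits)


def assess_local():
    """Assess the OpenSSL build this Python interpreter is linked against."""
    names = [c["name"] for c in ssl.create_default_context().get_ciphers()]
    return assess(ssl.OPENSSL_VERSION, struct.calcsize("P") * 8, names)


if __name__ == "__main__":
    print(assess_local())
```

A "likely-exposed" result on a distribution package still needs checking against the vendor advisory, since the fixed SUSE packages listed in this bug keep upstream version strings such as 1.0.2j.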
This is an autogenerated message for OBS integration: This bug (1022085) was mentioned in https://build.opensuse.org/request/show/452919 Factory / openssl
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2017-02-20. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/63397
SUSE-SU-2017:0431-1: An update that fixes three vulnerabilities is now available.
Category: security (moderate)
Bug References: 1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
SUSE Linux Enterprise Module for Web Scripting 12 (src): nodejs6-6.9.5-7.1

SUSE-SU-2017:0441-1: An update that solves three vulnerabilities and has 5 fixes is now available.
Category: security (moderate)
Bug References: 1000677,1001912,1009528,1019637,1021641,1022085,1022086,1022271
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src): openssl-1.0.2j-59.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src): openssl-1.0.2j-59.1
SUSE Linux Enterprise Server 12-SP2 (src): openssl-1.0.2j-59.1
SUSE Linux Enterprise Desktop 12-SP2 (src): openssl-1.0.2j-59.1
This is an autogenerated message for OBS integration: This bug (1022085) was mentioned in https://build.opensuse.org/request/show/456393 42.1 / nodejs
SUSE-SU-2017:0461-1: An update that solves four vulnerabilities and has four fixes is now available.
Category: security (moderate)
Bug References: 1000677,1001912,1004499,1005878,1019334,1021641,1022085,1022271
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src): openssl-1.0.1i-54.5.1
SUSE Linux Enterprise Server 12-SP1 (src): openssl-1.0.1i-54.5.1
SUSE Linux Enterprise Desktop 12-SP1 (src): openssl-1.0.1i-54.5.1

openSUSE-SU-2017:0481-1: An update that solves three vulnerabilities and has 5 fixes is now available.
Category: security (moderate)
Bug References: 1000677,1001912,1009528,1019637,1021641,1022085,1022086,1022271
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.2 (src): openssl-1.0.2j-4.1

openSUSE-SU-2017:0487-1: An update that solves four vulnerabilities and has four fixes is now available.
Category: security (moderate)
Bug References: 1000677,1001912,1004499,1005878,1019334,1021641,1022085,1022271
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731
Sources used:
openSUSE Leap 42.1 (src): openssl-1.0.1i-21.1

SUSE-SU-2017:0495-1: An update that solves four vulnerabilities and has 5 fixes is now available.
Category: security (moderate)
Bug References: 1000677,1001707,1001912,1004499,1005878,1019334,1021641,1022085,1022644
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731
Sources used:
SUSE Linux Enterprise Server 11-SECURITY (src): openssl1-1.0.1g-0.57.1

openSUSE-SU-2017:0527-1: An update that fixes three vulnerabilities is now available.
Category: security (moderate)
Bug References: 1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.1 (src): nodejs-4.7.3-39.1
released
SUSE-SU-2017:0855-1: An update that solves three vulnerabilities and has one errata is now available.
Category: security (moderate)
Bug References: 1000036,1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
SUSE Linux Enterprise Module for Web Scripting 12 (src): nodejs4-4.7.3-14.1
SUSE Enterprise Storage 4 (src): nodejs4-4.7.3-14.1

openSUSE-SU-2017:0941-1: An update that solves three vulnerabilities and has one errata is now available.
Category: security (moderate)
Bug References: 1000036,1009528,1022085,1022086
CVE References: CVE-2016-7055,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.2 (src): nodejs4-4.7.3-5.3.1

SUSE-SU-2018:0112-1: An update that solves 5 vulnerabilities and has 10 fixes is now available.
Category: security (important)
Bug References: 1000677,1001502,1001912,1004499,1005878,1019334,1021641,1022085,1022271,1027908,1032261,1055825,1056058,1065363,990592
CVE References: CVE-2016-2108,CVE-2016-7056,CVE-2016-8610,CVE-2017-3731,CVE-2017-3735
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src): openssl-1.0.1i-27.28.1
This is an autogenerated message for OBS integration: This bug (1022085) was mentioned in https://build.opensuse.org/request/show/574808 42.3 / openssl-steam
openSUSE-SU-2018:0458-1: An update that solves 16 vulnerabilities and has 12 fixes is now available.
Category: security (important)
Bug References: 1001148,1009528,1019334,1022085,1022086,1022271,982268,982575,983249,984323,990207,990392,990419,990428,991193,991877,992120,993819,994749,994844,995075,995324,995359,995377,998190,999665,999666,999668
CVE References: CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306,CVE-2016-7052,CVE-2016-7055,CVE-2016-7056,CVE-2017-3731,CVE-2017-3732
Sources used:
openSUSE Leap 42.3 (src): openssl-steam-1.0.2k-4.3.1
SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains 21 features and has 299 fixes is now available.
Category: feature (moderate)
Sources used:
SUSE Manager Tools 12-BETA (src): venv-salt-minion-3002.2-3.3.2
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.