Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 3 May 2016 20:35:26 +0300
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: OpenSSL Security Advisory [3rd May 2016]

On Tue, May 03, 2016 at 06:52:43PM +0200, Gsunde Orangen wrote:
> * Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
> The advisory says: "This issue was introduced as part of the fix for
> Lucky 13 padding attack (CVE-2013-0169)".
> So the following versions should be affected (ref.
> https://openssl.org/news/vulnerabilities.html#y2013):
>  - 1.0.2 through 1.02g
>  - 1.0.1d through 1.0.1s
>  - 1.0.0k and all later versions
>  - 0.9.8y and all later versions

You're assuming that all versions with the fix for CVE-2013-0169 are
affected, but the description also says that the new bug is in AES-NI
specific code.  AES-NI support appears to be missing in 1.0.0 and older.
I've just tried grepping 1.0.0t for aesenc (one of the AES-NI mnemonics,
present in the 1.0.1 tree) - it isn't in there.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.