FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- OpenSSL multiple vulnerabilities

Affected packages
11.1 <= FreeBSD < 11.1_5
11.0 <= FreeBSD < 11.0_16
10.4 <= FreeBSD < 10.4_4
10.3 <= FreeBSD < 10.3_25

Details

VuXML ID 9442a811-dab3-11e7-b5af-a4badb2f4699
Discovery 2017-11-29
Entry 2017-12-06

Problem Description:

If an X.509 certificate has a malformed IPAddressFamily extension, OpenSSL could do a one-byte buffer overread. [CVE-2017-3735]

There is a carry propagating bug in the x86_64 Montgomery squaring procedure. This only affects processors that support the BMI1, BMI2 and ADX extensions like Intel Broadwell (5th generation) and later or AMD Ryzen. [CVE-2017-3736] This bug only affects FreeBSD 11.x.

Impact:

Application using OpenSSL may display erroneous certificate in text format. [CVE-2017-3735]

Mishandling of carry propagation will produce incorrect output, and make it easier for a remote attacker to obtain sensitive private-key information. No EC algorithms are affected, analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely.

Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. An attacker would additionally need online access to an unpatched system using the target private key in a scenario with persistent DH parameters and a private key that is shared between multiple clients. [CVE-2017-3736]

References

CVE Name CVE-2017-3735
CVE Name CVE-2017-3736
FreeBSD Advisory SA-17:11.openssl