fkie_cve-2021-4160
Vulnerability from fkie_nvd
Published
2022-01-28 22:15
Modified
2024-11-21 06:37
Severity ?
Summary
There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openssl | openssl | * | |
| openssl | openssl | * | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| openssl | openssl | 3.0.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| oracle | health_sciences_inform_publisher | 6.2.1.1 | |
| oracle | health_sciences_inform_publisher | 6.3.1.1 | |
| oracle | jd_edwards_enterpriseone_tools | 9.2.6.3 | |
| oracle | jd_edwards_world_security | a9.4 | |
| oracle | peoplesoft_enterprise_peopletools | 8.58 | |
| oracle | peoplesoft_enterprise_peopletools | 8.59 | |
| siemens | sinec_ins | * | |
| siemens | sinec_ins | 1.0 | |
| siemens | sinec_ins | 1.0 | |
| oracle | enterprise_manager_ops_center | 12.4.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "C0637240-BA4E-4B83-9E47-5418B2B8E76F", versionEndIncluding: "1.0.2zb", versionStartIncluding: "1.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "6314E930-4FD0-42E6-8953-75205248D0C0", versionEndExcluding: "1.1.1m", versionStartIncluding: "1.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:-:*:*:*:*:*:*", matchCriteriaId: "07D64A21-359E-40B7-8636-7E76D7466263", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha1:*:*:*:*:*:*", matchCriteriaId: "548C088E-7123-4825-B752-4DEA6A421766", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha10:*:*:*:*:*:*", matchCriteriaId: "94E6E480-5E0C-4BDA-B904-38A8E025A38E", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha11:*:*:*:*:*:*", matchCriteriaId: "68C330BD-0089-43E1-A5A7-89478D699FCC", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha12:*:*:*:*:*:*", matchCriteriaId: "EDDBB564-F8B3-4354-92DD-CBA482E01F55", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha13:*:*:*:*:*:*", matchCriteriaId: "FA41AD12-87F2-4F8F-9D92-BD141D1BB5CF", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha14:*:*:*:*:*:*", matchCriteriaId: "C7276F4F-2520-4477-9D52-7BEB6188A714", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha15:*:*:*:*:*:*", matchCriteriaId: "A0B98C2A-2B8B-406F-8881-455640624D9F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha16:*:*:*:*:*:*", matchCriteriaId: "408C7AFA-F4ED-4D36-91BD-E621D056F0F7", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha17:*:*:*:*:*:*", matchCriteriaId: "96457E9D-6EFC-4FB9-AAF5-A9A27B519BE0", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha2:*:*:*:*:*:*", matchCriteriaId: "31593C1F-A2EA-4A47-8027-397C79EC9E30", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha3:*:*:*:*:*:*", matchCriteriaId: "C47AA30A-71D5-4AA4-9C0C-794B2705FE7F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha4:*:*:*:*:*:*", matchCriteriaId: "7F4EAFB3-1345-4B67-8859-3EB1DFD23C59", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha5:*:*:*:*:*:*", matchCriteriaId: "D0F3FCF6-136F-4FF8-BB1D-B5D08E6C246C", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha6:*:*:*:*:*:*", matchCriteriaId: "3438FAA2-AEBC-4A32-8E33-3035EE392CFE", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha7:*:*:*:*:*:*", matchCriteriaId: "1AF93A67-34DE-44FC-9402-60048ADE8F1A", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha8:*:*:*:*:*:*", matchCriteriaId: "26ED655F-95C7-4A29-A0A1-F40C3150B36F", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:alpha9:*:*:*:*:*:*", matchCriteriaId: "8D6A2277-07F5-4D0F-BB36-268D0C449051", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:beta1:*:*:*:*:*:*", matchCriteriaId: "72F6B7A7-BCD5-42BE-A77A-B4A4CB3540B1", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:3.0.0:beta2:*:*:*:*:*:*", matchCriteriaId: "A6F74415-4AD7-47E0-8792-F971E655954F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "2F12453B-0E7B-46B9-ADEC-0AC5EDC41058", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.3.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5D105A5B-0AA8-4782-B804-CB1384F85884", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2.6.3:*:*:*:*:*:*:*", matchCriteriaId: "4A87D1B6-87DF-4BC6-9C3E-F3AA47E22C4D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb).", }, { lang: "es", value: "Se presenta un bug de propagación carry en el procedimiento de cuadratura de MIPS32 y MIPS64. Muchos algoritmos de la CE están afectados, incluyendo algunas de las curvas por defecto de TLS versión 1.3. El impacto no es analizado en detalle, porque los requisitos previos para el ataque son considerados poco probables e incluyen el reuso de claves privadas. El análisis sugiere que los ataques contra RSA y DSA como resultado de este defecto serían muy difíciles de llevar a cabo y no se consideran probables. Los ataques contra DH se consideran apenas factibles (aunque muy difíciles) porque la mayor parte del trabajo necesario para deducir información sobre una clave privada puede llevarse a cabo fuera de línea. La cantidad de recursos necesarios para un ataque de este tipo sería significativa. Sin embargo, para que un ataque a TLS tenga sentido, el servidor tendría que compartir la clave privada DH entre múltiples clientes, lo que ya no es una opción desde CVE-2016-0701. Este problema afecta a OpenSSL versiones 1.0.2, 1.1.1 y 3.0.0. Se ha abordado en versiones 1.1.1m y 3.0.1 el 15 de diciembre de 2021. En el caso de la versión 1.0.2, ha sido abordada en el commit 6fc1aaaf3 de git, que sólo está disponible para los clientes de soporte premium. Estará disponible en la versión 1.0.2zc cuando sea publicada. El problema sólo afecta a OpenSSL en plataformas MIPS. Corregido en OpenSSL versión 3.0.1 (Afectado versión 3.0.0). Corregido en OpenSSL versión 1.1.1m (Afectado versión 1.1.1-1.1.1l). Corregido en OpenSSL versión 1.0.2zc-dev (Afectado versión 1.0.2-1.0.2zb)", }, ], id: "CVE-2021-4160", lastModified: "2024-11-21T06:37:02.273", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-28T22:15:15.133", references: [ { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5103", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220128.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5103", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20220128.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.