csaf_certbund - WID-SEC-W-2023-3082

WID-SEC-W-2023-3082

Vulnerability from csaf_certbund

Published

2019-03-06 23:00

Modified

2024-11-25 23:00

Summary

OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme

- Linux - UNIX - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "mittel",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- UNIX\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2023-3082 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2023-3082.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2023-3082 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3082",
         },
         {
            category: "external",
            summary: "OpenSSL Security Advisory vom 2019-03-06",
            url: "http://www.openssl.org/news/secadv/20190306.txt",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2019:0678-1 vom 2019-03-21",
            url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190678-1.html",
         },
         {
            category: "external",
            summary: "SUSE Security Update SUSE-SU-2019:0787-1 vom 2019-03-28",
            url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190787-1.html",
         },
         {
            category: "external",
            summary: "Arch Linux Security Advisory ASA-201906-7 vom 2019-06-12",
            url: "https://security.archlinux.org/ASA-201906-7",
         },
         {
            category: "external",
            summary: "Arch Linux Security Advisory ASA-201906-6 vom 2019-06-12",
            url: "https://security.archlinux.org/ASA-201906-6",
         },
         {
            category: "external",
            summary: "Debian Security Advisory DSA-4475 vom 2019-07-02",
            url: "http://www.debian.org/security/2019/dsa-4475",
         },
         {
            category: "external",
            summary: "Symantec Security Advisory SYMSA1490 vom 2019-09-06",
            url: "https://support.symantec.com/us/en/article.SYMSA1490.html",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2019:3700 vom 2019-11-05",
            url: "https://access.redhat.com/errata/RHSA-2019:3700",
         },
         {
            category: "external",
            summary: "HPE Security Bulletin",
            url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04160en_us",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2023-32791 vom 2023-12-07",
            url: "https://linux.oracle.com/errata/ELSA-2023-32791.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2023-32790 vom 2023-12-07",
            url: "https://linux.oracle.com/errata/ELSA-2023-32790.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2023-13027 vom 2023-12-07",
            url: "https://linux.oracle.com/errata/ELSA-2023-13027.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2023-13026 vom 2023-12-07",
            url: "https://linux.oracle.com/errata/ELSA-2023-13026.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2023-13025 vom 2023-12-07",
            url: "https://linux.oracle.com/errata/ELSA-2023-13025.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2023-13024 vom 2023-12-07",
            url: "https://linux.oracle.com/errata/ELSA-2023-13024.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12408 vom 2024-06-05",
            url: "https://linux.oracle.com/errata/ELSA-2024-12408.html",
         },
         {
            category: "external",
            summary: "Oracle Linux Security Advisory ELSA-2024-12842 vom 2024-11-25",
            url: "https://linux.oracle.com/errata/ELSA-2024-12842.html",
         },
      ],
      source_lang: "en-US",
      title: "OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen",
      tracking: {
         current_release_date: "2024-11-25T23:00:00.000+00:00",
         generator: {
            date: "2024-11-26T09:25:03.325+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.8",
            },
         },
         id: "WID-SEC-W-2023-3082",
         initial_release_date: "2019-03-06T23:00:00.000+00:00",
         revision_history: [
            {
               date: "2019-03-06T23:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2019-03-21T23:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2019-03-28T23:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von SUSE aufgenommen",
            },
            {
               date: "2019-06-11T22:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von Arch Linux aufgenommen",
            },
            {
               date: "2019-07-01T22:00:00.000+00:00",
               number: "5",
               summary: "Neue Updates von Debian aufgenommen",
            },
            {
               date: "2019-09-05T22:00:00.000+00:00",
               number: "6",
               summary: "Neue Updates von Symantec aufgenommen",
            },
            {
               date: "2019-09-10T22:00:00.000+00:00",
               number: "7",
               summary: "Referenz(en) aufgenommen: FEDORA-2019-9A0A7C0986, FEDORA-2019-00C25B9379",
            },
            {
               date: "2019-09-11T22:00:00.000+00:00",
               number: "8",
               summary: "Referenz(en) aufgenommen: FEDORA-2019-DB06EFDEA1",
            },
            {
               date: "2019-11-05T23:00:00.000+00:00",
               number: "9",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2021-06-09T22:00:00.000+00:00",
               number: "10",
               summary: "Neue Updates von HP aufgenommen",
            },
            {
               date: "2023-12-07T23:00:00.000+00:00",
               number: "11",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-06-04T22:00:00.000+00:00",
               number: "12",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
            {
               date: "2024-11-25T23:00:00.000+00:00",
               number: "13",
               summary: "Neue Updates von Oracle Linux aufgenommen",
            },
         ],
         status: "final",
         version: "13",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  category: "product_name",
                  name: "Debian Linux",
                  product: {
                     name: "Debian Linux",
                     product_id: "2951",
                     product_identification_helper: {
                        cpe: "cpe:/o:debian:debian_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Debian",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "HPE HP-UX",
                  product: {
                     name: "HPE HP-UX",
                     product_id: "4871",
                     product_identification_helper: {
                        cpe: "cpe:/o:hp:hp-ux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "HPE",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Open Source Arch Linux",
                  product: {
                     name: "Open Source Arch Linux",
                     product_id: "T013312",
                     product_identification_helper: {
                        cpe: "cpe:/o:archlinux:archlinux:-",
                     },
                  },
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "1.1.0",
                        product: {
                           name: "Open Source OpenSSL 1.1.0",
                           product_id: "345807",
                           product_identification_helper: {
                              cpe: "cpe:/a:openssl:openssl:1.1.0",
                           },
                        },
                     },
                     {
                        category: "product_version",
                        name: "1.1.1",
                        product: {
                           name: "Open Source OpenSSL 1.1.1",
                           product_id: "402226",
                           product_identification_helper: {
                              cpe: "cpe:/a:openssl:openssl:1.1.1",
                           },
                        },
                     },
                  ],
                  category: "product_name",
                  name: "OpenSSL",
               },
            ],
            category: "vendor",
            name: "Open Source",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Oracle Linux",
                  product: {
                     name: "Oracle Linux",
                     product_id: "T004914",
                     product_identification_helper: {
                        cpe: "cpe:/o:oracle:linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Oracle",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Red Hat Enterprise Linux",
                  product: {
                     name: "Red Hat Enterprise Linux",
                     product_id: "67646",
                     product_identification_helper: {
                        cpe: "cpe:/o:redhat:enterprise_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "SUSE Linux",
                  product: {
                     name: "SUSE Linux",
                     product_id: "T002207",
                     product_identification_helper: {
                        cpe: "cpe:/o:suse:suse_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2019-1543",
         notes: [
            {
               category: "description",
               text: "Es existiert eine Schwachstelle in OpenSSL. Diese besteht bei der Verwendung von ChaCha20-Poly1305 Chiffren, aufgrund einer unsachgemäßen Überprüfung von Nonce-Werten. Ein Angreifer kann diese Schwachstelle ausnutzen, um unter bestimmten Umständen Angriffe auf Vertraulichkeit und Integrität durchzuführen.",
            },
         ],
         product_status: {
            known_affected: [
               "2951",
               "T002207",
               "67646",
               "4871",
               "345807",
               "402226",
               "T013312",
               "T004914",
            ],
         },
         release_date: "2019-03-06T23:00:00.000+00:00",
         title: "CVE-2019-1543",
      },
   ],
}

cve-2019-1543

Vulnerability from cvelistv5

Published

2019-03-06 21:00

Modified

2024-09-16 17:43

Severity ?

Summary

ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j).

References

▼	URL	Tags
	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f426625b6ae9a7831010750490a5f0ad689c5ba3	x_refsource_CONFIRM
	https://www.openssl.org/news/secadv/20190306.txt	x_refsource_CONFIRM
	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ee22257b1418438ebaf54df98af4e24f494d1809	x_refsource_CONFIRM
	https://seclists.org/bugtraq/2019/Jul/3	mailing-list, x_refsource_BUGTRAQ
	https://www.debian.org/security/2019/dsa-4475	vendor-advisory, x_refsource_DEBIAN
	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html	vendor-advisory, x_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/	vendor-advisory, x_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/	vendor-advisory, x_refsource_FEDORA
	https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2019:3700	vendor-advisory, x_refsource_REDHAT
	https://www.oracle.com/security-alerts/cpuapr2020.html	x_refsource_MISC
	https://kc.mcafee.com/corporate/index?page=content&id=SB10365	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	OpenSSL	OpenSSL	Version: Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b) Version: Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j)

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T18:20:27.631Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f426625b6ae9a7831010750490a5f0ad689c5ba3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.openssl.org/news/secadv/20190306.txt",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ee22257b1418438ebaf54df98af4e24f494d1809",
               },
               {
                  name: "20190701 [SECURITY] [DSA 4475-1] openssl security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "https://seclists.org/bugtraq/2019/Jul/3",
               },
               {
                  name: "DSA-4475",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2019/dsa-4475",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
               },
               {
                  name: "openSUSE-SU-2019:1814",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html",
               },
               {
                  name: "FEDORA-2019-00c25b9379",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
               },
               {
                  name: "FEDORA-2019-9a0a7c0986",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
               },
               {
                  name: "RHSA-2019:3700",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:3700",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpuapr2020.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10365",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "OpenSSL",
               vendor: "OpenSSL",
               versions: [
                  {
                     status: "affected",
                     version: "Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b)",
                  },
                  {
                     status: "affected",
                     version: "Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j)",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Joran Dirk Greef of Ronomon",
            },
         ],
         datePublic: "2019-03-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j).",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     lang: "eng",
                     url: "https://www.openssl.org/policies/secpolicy.html#Low",
                     value: "Low",
                  },
                  type: "unknown",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Nonce Reuse",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-07-31T07:06:28",
            orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
            shortName: "openssl",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f426625b6ae9a7831010750490a5f0ad689c5ba3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.openssl.org/news/secadv/20190306.txt",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ee22257b1418438ebaf54df98af4e24f494d1809",
            },
            {
               name: "20190701 [SECURITY] [DSA 4475-1] openssl security update",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "https://seclists.org/bugtraq/2019/Jul/3",
            },
            {
               name: "DSA-4475",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2019/dsa-4475",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
            },
            {
               name: "openSUSE-SU-2019:1814",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html",
            },
            {
               name: "FEDORA-2019-00c25b9379",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
            },
            {
               name: "FEDORA-2019-9a0a7c0986",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
            },
            {
               name: "RHSA-2019:3700",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:3700",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpuapr2020.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10365",
            },
         ],
         title: "ChaCha20-Poly1305 with long nonces",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "openssl-security@openssl.org",
               DATE_PUBLIC: "2019-03-06",
               ID: "CVE-2019-1543",
               STATE: "PUBLIC",
               TITLE: "ChaCha20-Poly1305 with long nonces",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "OpenSSL",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b)",
                                       },
                                       {
                                          version_value: "Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "OpenSSL",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Joran Dirk Greef of Ronomon",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also incorrectly allows a nonce to be set of up to 16 bytes. In this case only the last 12 bytes are significant and any additional leading bytes are ignored. It is a requirement of using this cipher that nonce values are unique. Messages encrypted using a reused nonce value are susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce. Additionally the ignored bytes in a long nonce are not covered by the integrity guarantee of this cipher. Any application that relies on the integrity of these ignored leading bytes of a long nonce may be further affected. Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe because no such use sets such a long nonce value. However user applications that use this cipher directly and set a non-default nonce length to be longer than 12 bytes may be vulnerable. OpenSSL versions 1.1.1 and 1.1.0 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1c (Affected 1.1.1-1.1.1b). Fixed in OpenSSL 1.1.0k (Affected 1.1.0-1.1.0j).",
                  },
               ],
            },
            impact: [
               {
                  lang: "eng",
                  url: "https://www.openssl.org/policies/secpolicy.html#Low",
                  value: "Low",
               },
            ],
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Nonce Reuse",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f426625b6ae9a7831010750490a5f0ad689c5ba3",
                     refsource: "CONFIRM",
                     url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f426625b6ae9a7831010750490a5f0ad689c5ba3",
                  },
                  {
                     name: "https://www.openssl.org/news/secadv/20190306.txt",
                     refsource: "CONFIRM",
                     url: "https://www.openssl.org/news/secadv/20190306.txt",
                  },
                  {
                     name: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ee22257b1418438ebaf54df98af4e24f494d1809",
                     refsource: "CONFIRM",
                     url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ee22257b1418438ebaf54df98af4e24f494d1809",
                  },
                  {
                     name: "20190701 [SECURITY] [DSA 4475-1] openssl security update",
                     refsource: "BUGTRAQ",
                     url: "https://seclists.org/bugtraq/2019/Jul/3",
                  },
                  {
                     name: "DSA-4475",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2019/dsa-4475",
                  },
                  {
                     name: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1814",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html",
                  },
                  {
                     name: "FEDORA-2019-00c25b9379",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
                  },
                  {
                     name: "FEDORA-2019-9a0a7c0986",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
                  },
                  {
                     name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
                  },
                  {
                     name: "RHSA-2019:3700",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:3700",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpuapr2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  },
                  {
                     name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10365",
                     refsource: "CONFIRM",
                     url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10365",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
      assignerShortName: "openssl",
      cveId: "CVE-2019-1543",
      datePublished: "2019-03-06T21:00:00Z",
      dateReserved: "2018-11-28T00:00:00",
      dateUpdated: "2024-09-16T17:43:26.783Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted