CVE-2017-13098 in Ubuntu

CVE-2017-13098

Priority

Description

BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE
(Java Cryptography Extension) for cryptographic functions, provides a weak
Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is
negotiated. An attacker can recover the private key from a vulnerable
application. This vulnerability is referred to as "ROBOT."

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13098
https://robotattack.org/
http://www.kb.cert.org/vuls/id/144389

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884241

Notes

Package

Source: bouncycastle (LP Ubuntu Debian)

Upstream:	released (1.58-1)
Ubuntu 18.04 LTS:	not-affected (1.59-1)
Ubuntu 14.04 ESM:	DNE (trusty was not-affected [code not present])

Patches:

Upstream:

https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-13 12:54:34 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)