CVE-2012-0884 in Ubuntu

CVE-2012-0884

Priority

Low

Description

The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in
OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict
certain oracle behavior, which makes it easier for context-dependent
attackers to decrypt data via a Million Message Attack (MMA) adaptive
chosen ciphertext attack.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0884
http://www.openssl.org/news/secadv_20120312.txt
http://www.ubuntu.com/usn/usn-1451-1

Notes

sbeattie> only affects CMS, PKCS #7, or S/MIME decryption, not SSL/TLS
transactions
mdeslaur> from oss-security: "If a Linux distribution picks up the fix for
mdeslaur> CVE-2012-0884 then they will want to pick up change 22161 at the
mdeslaur> same time since the fix for the security vulnerability will
mdeslaur> generally cause symmetric decryption errors when it kicks in and
mdeslaur> things get very confusing for the end user without change 22161"
mdeslaur> A second issue was fixed too, see:
mdeslaur> http://www.openwall.com/lists/oss-security/2012/05/11/5

Package

Source: openssl098 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):	released (0.9.8o-7ubuntu3.2)
Ubuntu 14.04 LTS (Trusty Tahr):	released (0.9.8o-7ubuntu3.2.14.04.1)

Package

Source: openssl (LP Ubuntu Debian)

Upstream:	released (1.0.1)
Ubuntu 12.04 LTS (Precise Pangolin):	not-affected (1.0.1-4ubuntu1)
Ubuntu 14.04 LTS (Trusty Tahr):	not-affected (1.0.1-4ubuntu1)

Patches:

Upstream:	http://cvs.openssl.org/chngview?cn=22238
Upstream:	http://cvs.openssl.org/chngview?cn=22161 (related)
Upstream:	http://cvs.openssl.org/chngview?cn=22537
Vendor:	http://www.debian.org/security/2012/dsa-2454

More Information

Updated: 2016-03-23 03:39:19 UTC (commit 10817)