CVE-2019-1559

Priority
Description
If an application encounters a fatal protocol error and then calls
SSL_shutdown() twice (once to send a close_notify, and once to receive one)
then OpenSSL can respond differently to the calling application if a 0 byte
record is received with invalid padding compared to if a 0 byte record is
received with an invalid MAC. If the application then behaves differently
based on that in a way that is detectable to the remote peer, then this
amounts to a padding oracle that could be used to decrypt data. In order
for this to be exploitable "non-stitched" ciphersuites must be in use.
Stitched ciphersuites are optimised implementations of certain commonly
used ciphersuites. Also the application must call SSL_shutdown() twice even
if a protocol error has occurred (applications should not do this but some
do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
Notes
 mdeslaur> doesn't affect 1.1.x
 mdeslaur>
 mdeslaur> this fix is a workaround for applications that call
 mdeslaur> SSL_shutdown() twice even if a protocol error has occurred
 mdeslaur>
 mdeslaur> upstream fix uses error handling mechanism introduced in 1.0.2,
 mdeslaur> which isn't available in 1.0.1f. While we are unlikely to fix
 mdeslaur> this issue in Ubuntu 14.04 LTS, marking as deferred for now
 mdeslaur> in case the vulnerable applications are identified.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (uses system openssl)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (uses system openssl)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (uses system openssl1.0)
Ubuntu 19.04 (Disco Dingo):not-affected (uses system openssl1.1)
Ubuntu 19.10 (Eoan):not-affected (uses system openssl1.1)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 ESM (Trusty Tahr):deferred (2019-04-15)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.0.2g-1ubuntu4.15)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (1.1.0g-2ubuntu4.3)
Ubuntu 19.04 (Disco Dingo):not-affected (1.1.1a-1ubuntu2)
Ubuntu 19.10 (Eoan):not-affected (1.1.1a-1ubuntu2)
Patches:
Upstream:https://github.com/openssl/openssl/commit/e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (1.0.2n-1ubuntu5.3)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
More Information

Updated: 2019-08-23 07:58:22 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)