CVE-2019-1559

Priority
Description
If an application encounters a fatal protocol error and then calls
SSL_shutdown() twice (once to send a close_notify, and once to receive one)
then OpenSSL can respond differently to the calling application if a 0 byte
record is received with invalid padding compared to if a 0 byte record is
received with an invalid MAC. If the application then behaves differently
based on that in a way that is detectable to the remote peer, then this
amounts to a padding oracle that could be used to decrypt data. In order
for this to be exploitable "non-stitched" ciphersuites must be in use.
Stitched ciphersuites are optimised implementations of certain commonly
used ciphersuites. Also the application must call SSL_shutdown() twice even
if a protocol error has occurred (applications should not do this but some
do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
Notes
mdeslaurdoesn't affect 1.1.x

this fix is a workaround for applications that call
SSL_shutdown() twice even if a protocol error has occurred

upstream fix uses error handling mechanism introduced in 1.0.2,
which isn't available in 1.0.1f. While we are unlikely to fix
this issue in Ubuntu 14.04 LTS, marking as deferred for now
in case the vulnerable applications are identified.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (uses system openssl)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (uses system openssl)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (uses system openssl1.0)
Ubuntu 19.04 (Disco Dingo):not-affected (uses system openssl1.1)
Ubuntu 19.10 (Eoan Ermine):not-affected (uses system openssl1.1)
Ubuntu 20.04 (Focal Fossa):not-affected (uses system openssl1.1)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):needed
Ubuntu 14.04 ESM (Trusty Tahr):deferred (2019-04-15)
Ubuntu 16.04 LTS (Xenial Xerus):released (1.0.2g-1ubuntu4.15)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (1.1.0g-2ubuntu4.3)
Ubuntu 19.04 (Disco Dingo):not-affected (1.1.1a-1ubuntu2)
Ubuntu 19.10 (Eoan Ermine):not-affected (1.1.1a-1ubuntu2)
Ubuntu 20.04 (Focal Fossa):not-affected (1.1.1a-1ubuntu2)
Patches:
Upstream:https://github.com/openssl/openssl/commit/e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (1.0.2n-1ubuntu5.3)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
More Information

Updated: 2019-12-05 20:01:50 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)