Rapid7 Vulnerability & Exploit Database

Oracle Linux: (CVE-2023-6129) ELSA-2024-2447: openssl and openssl-fips-provider security update

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Oracle Linux: (CVE-2023-6129) ELSA-2024-2447: openssl and openssl-fips-provider security update

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
01/09/2024
Created
05/22/2024
Added
05/07/2024
Modified
05/07/2024

Description

Issue summary: The POLY1305 MAC (message authentication code) implementation

contains a bug that might corrupt the internal state of applications running

on PowerPC CPU based platforms if the CPU provides vector instructions.

Impact summary: If an attacker can influence whether the POLY1305 MAC

algorithm is used, the application state might be corrupted with various

application dependent consequences.

The POLY1305 MAC (message authentication code) implementation in OpenSSL for

PowerPC CPUs restores the contents of vector registers in a different order

than they are saved. Thus the contents of some of these vector registers

are corrupted when returning to the caller. The vulnerable code is used only

on newer PowerPC processors supporting the PowerISA 2.07 instructions.

The consequences of this kind of internal application state corruption can

be various - from no consequences, if the calling application does not

depend on the contents of non-volatile XMM registers at all, to the worst

consequences, where the attacker could get complete control of the application

process. However unless the compiler uses the vector registers for storing

pointers, the most likely consequence, if any, would be an incorrect result

of some application dependent calculations or a crash leading to a denial of

service.

The POLY1305 MAC algorithm is most frequently used as part of the

CHACHA20-POLY1305 AEAD (authenticated encryption with associated data)

algorithm. The most common usage of this AEAD cipher is with TLS protocol

versions 1.2 and 1.3. If this cipher is enabled on the server a malicious

client can influence whether this AEAD cipher is used. This implies that

TLS server applications using OpenSSL can be potentially impacted. However

we are currently not aware of any concrete application that would be affected

by this issue therefore we consider this a Low severity security issue.

Solution(s)

  • oracle-linux-upgrade-openssl
  • oracle-linux-upgrade-openssl-devel
  • oracle-linux-upgrade-openssl-fips-provider
  • oracle-linux-upgrade-openssl-libs
  • oracle-linux-upgrade-openssl-perl

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;