Vulnerability Description
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openssl | Openssl | >= 1.0.2, < 1.0.2r |
| Canonical | Ubuntu Linux | 16.04 |
| Debian | Debian Linux | 8.0 |
| Netapp | Active Iq Unified Manager | >= 7.3 |
| Netapp | Altavault | - |
| Netapp | Cloud Backup | - |
| Netapp | Clustered Data Ontap Antivirus Connector | - |
| Netapp | Element Software | - |
| Netapp | Hci Management Node | - |
| Netapp | Hyper Converged Infrastructure | - |
| Netapp | Oncommand Insight | - |
| Netapp | Oncommand Unified Manager | - |
| Netapp | Oncommand Unified Manager Core Package | - |
| Netapp | Oncommand Workflow Automation | - |
| Netapp | Ontap Select Deploy | - |
| Netapp | Ontap Select Deploy Administration Utility | - |
| Netapp | Santricity Smi-S Provider | - |
| Netapp | Service Processor | - |
| Netapp | Smi-S Provider | - |
| Netapp | Snapcenter | - |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.htmlMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.htmlMailing ListThird Party Advisory
- http://www.securityfocus.com/bid/107174Third Party AdvisoryVDB Entry
- https://access.redhat.com/errata/RHSA-2019:2304Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2437Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2439Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:2471Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3929Third Party Advisory
- https://access.redhat.com/errata/RHSA-2019:3931Third Party Advisory
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57
- https://kc.mcafee.com/corporate/index?page=content&id=SB10282Third Party Advisory
FAQ
What is CVE-2019-1559?
CVE-2019-1559 is a vulnerability with a CVSS score of 5.9 (MEDIUM). If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling appli...
How severe is CVE-2019-1559?
CVE-2019-1559 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-1559?
Check the references section above for vendor advisories and patch information. Affected products include: Openssl Openssl, Canonical Ubuntu Linux, Debian Debian Linux, Netapp Active Iq Unified Manager, Netapp Altavault.