As announdes about a week ago, today a new load of OpenSSL vulnerabilities is disclosed. Latest impact analysis: No need to scramble.
Disclaimer: I'm neither a C-programmer nor a cryptographer. This is my personal assessment of the issues and provides no guarantees and comes without any warranty.
16:27 CET: Added links
16:28 CET: Added LibreSSL impact in table
16:47 CET: Add confirmation from Bob Beck
| CVE reference | Severity | LibreSSL | Description |
|---|---|---|---|
| CVE-2016-0702 | Low | ??? | Side channel attack on modular exponentiation (CacheBleed) |
| CVE-2016-0703 | High | Not vulnerable | Divide-and-conquer session key recovery in SSLv2 |
| CVE-2016-0704 | Moderate | Not vulnerable | Bleichenbacher oracle in SSLv2 |
| CVE-2016-0705 | Low | Not vulnerable | Double-free in DSA code |
| CVE-2016-0797 | Low | ??? | BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption |
| CVE-2016-0798 | Low | Memory leak in SRP database lookups | |
| CVE-2016-0799 | Low | Not vulnerable | Fix memory issues in BIO_*printf functions |
| CVE-2016-0800 | High | Not vulnerable | Cross-protocol attack on TLS using SSLv2 (DROWN) |
Bob Beck confirmed that there's no immediate need to patch LibreSSL
CacheBleed (CVE-2016-0702)
LibreSSL: Assumed Vulnerable
Severity: Low
Vulnerability can only be exploited by a user on the local system and requires running 2 HT threads on the same CPU core. Extremely complex to achieve and not exploitable remotely. No reason to worry unless you have untrusted users logging on to your sysem (ssh etc.)
OpenSSL source diffs 1 2 3 4 5
DROWN (CVE-2016-0800)
LibreSSL: Not Vulnerable
SSLv2 was deleted from LibreSSL long ago, prior to the first release.
LibreSSL diff (2014!)
CVE-2016-0704
LibreSSL: Not Vulnerable Severity: Moderate
SSLv2 was deleted from LibreSSL long ago, prior to the first release.
LibreSSL diff (2014!)
CVE-2016-0705
LibreSSL: Probably Vulnerable
Severity: Low
LibreSSL contains same code but other mitigations are in place source
Source diff
CVE-2016-0797
LibreSSL: Probably Vulnerable
Severity: Low
LibreSSL contains same code
Source diff
CVE-2016-0798
LibreSSL: Not Vulnerable
Severity: Low
SRP feature was removed long ago.
Source diff
CVE-2016-0799
LibreSSL: Not Vulnerable
The complete code was replaced with far simpler code. Who needs to reimplement printf!
Source diff
_Happy patching _
