Bug 964843 (CVE-2016-2217)

Summary: VUL-0: CVE-2016-2217: socat: DH p parameter not prime
Product: [Novell Products] SUSE Security Incidents Reporter: Andreas Stieger <astieger>
Component: IncidentsAssignee: Marcus Meissner <meissner>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P5 - None CC: abergmann, meissner, sweet_f_a
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: openSUSE 42.1   
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Andreas Stieger 2016-02-03 08:45:35 UTC
From http://www.openwall.com/lists/oss-security/2016/02/01/4

  In the OpenSSL address implementation the hard coded 1024 bit DH p
  parameter was not prime. The effective cryptographic strength of a key
  exchange using these parameters was weaker than the one one could get by
  using a prime p. Moreover, since there is no indication of how these
  parameters were chosen, the existence of a trapdoor that makes possible
  for an eavesdropper to recover the shared secret from a key exchange that
  uses them cannot be ruled out.
  A new prime modulus p parameter has been generated by Socat developer
  using OpenSSL dhparam command.
  In addition the new parameter is 2048 bit long.

Vulnerability Ids:
  Socat security issue 7

Severity: Unknown

Affected versions:, 2.0.0-b8

Not affected or corrected versions - and later
  2.0.0-b1 - 2.0.0-b7
  2.0.0-b9 and later

  Disable DH ciphers

  Santiago Zanella-Beguelin and Microsoft Vulnerability Research (MSVR).

Already submitted for openSUSE:Factory:

Probably somewhat related to logjam changes - bug 938913
Comment 1 Andreas Stieger 2016-02-03 08:53:38 UTC
SLE 12: socat no affected
openSUSE not affected
only Tumbleweed affected
Comment 2 Alexander Bergmann 2016-02-05 09:54:02 UTC
CVE-2016-2217 was assigned to this issue.