Bug 951727 - (CVE-2015-7940) VUL-0: CVE-2015-7940: bouncycastle: invalid curve attack
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other openSUSE 13.2
Priority: P5 - None, Severity: Major
Assigned To: Tomáš Chvátal
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/158141/
Reported: 2015-10-23 08:11 UTC by Andreas Stieger
Modified: 2015-11-04 16:17 UTC

Found By: Security Response Team
Description Andreas Stieger 2015-10-23 08:11:35 UTC
bouncycastle versions older than 1.51 are vulnerable to an invalid curve attack as described in this article:
http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html

The attack allows extracting private keys used in elliptic curve cryptography with a few thousand queries.

According to upstream developer Peter Dettman, the issue has been fixed with those two commits:
https://github.com/bcgit/bc-java/commit/5cb2f0578e6ec8f0d67e59d05d8c4704d8e05f83
https://github.com/bcgit/bc-java/commit/e25e94a046a6934819133886439984e2fecb2b04

Maintained on openSUSE only, where it affects openSUSE 13.1, 13.2, Leap 42.1 and Tumbleweed.

Related to CVE-2015-2613

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7940
http://seclists.org/oss-sec/2015/q4/131
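
Invalid curve attacks rely on the receiver performing scalar multiplication on a point it never checked against the curve equation, so the standard countermeasure is to validate every received public point before use. The following is an added example, not code from this bug report or from Bouncy Castle; it assumes NIST P-256 with uncompressed SEC1 encoding, and the function names are hypothetical.

```python
# Added illustration (not Bouncy Castle code): validate a received P-256 point.
# Standard NIST P-256 domain parameters; the curve is y^2 = x^3 + A*x + B (mod P).
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5


def implied_b(x, y):
    """Return the b for which (x, y) satisfies y^2 = x^3 + A*x + b (mod P).

    The usual addition and doubling formulas never use b, so an unchecked
    point is silently processed on whatever curve this value selects.
    """
    return (y * y - x * x * x - A * x) % P


def is_on_curve(x, y):
    """True only if both coordinates are reduced and the point lies on P-256."""
    return 0 <= x < P and 0 <= y < P and implied_b(x, y) == B


def encode(x, y):
    """Uncompressed SEC1 encoding: 0x04 || X || Y (32 bytes each)."""
    return b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")


def decode_and_validate(encoded):
    """Parse an uncompressed point and reject anything that is not on P-256.

    The point at infinity (single byte 0x00) fails the length/prefix check.
    P-256 has cofactor 1, so an on-curve point is also in the right group.
    """
    if len(encoded) != 65 or encoded[0] != 0x04:
        raise ValueError("expected a 65-byte uncompressed point")
    x = int.from_bytes(encoded[1:33], "big")
    y = int.from_bytes(encoded[33:], "big")
    if not is_on_curve(x, y):
        raise ValueError("point is not on P-256")
    return x, y


if __name__ == "__main__":
    # Constructed inputs: the generator, and the generator with y altered by one.
    for label, y in (("generator", GY), ("tampered", GY + 1)):
        try:
            decode_and_validate(encode(GX, y))
            print(label, "accepted")
        except ValueError as err:
            print(label, "rejected:", err, "| implied b == B:", implied_b(GX, y) == B)
```
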
Comment 2 Bernhard Wiedemann 2015-10-23 09:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (951727) was mentioned in
https://build.opensuse.org/request/show/340552 Factory / bouncycastle
Comment 4 Bernhard Wiedemann 2015-10-23 10:00:37 UTC
This is an autogenerated message for OBS integration:
This bug (951727) was mentioned in
https://build.opensuse.org/request/show/340559 13.2+13.1+Leap:42.1 / bouncycastle.openSUSE_Leap_42.1_Update+bouncycastle
Comment 5 Swamp Workflow Management 2015-11-04 16:17:41 UTC
openSUSE-SU-2015:1911-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 951727
CVE References: CVE-2015-7940
Sources used:
openSUSE Leap 42.1 (src):    bouncycastle-1.53-16.1
openSUSE 13.2 (src):    bouncycastle-1.53-13.3.1
openSUSE 13.1 (src):    bouncycastle-1.53-8.3.1