The open-source OpenSSL cryptographic library project issued a security update this week that patched six issues, though only two of them are rated “critical.”
OpenSSL itself is a critical part of the Internet’s infrastructure, as one of the most widely deployed encryption elements. It is included in desktop, mobile and server applications to help enable Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption for data in motion.
Security issues with OpenSSL first hit the mainstream two years ago with the disclosure of the branded Heartbleed flaw. Although Heartbleed (which carries the official vulnerability identifier of CVE-2014-0160) was patched two years ago, it is still having an impact today as thousands of servers remain unpatched.
Among the critical flaws disclosed in OpenSSL this week is a memory corruption issue in the Abstract Syntax Notation number One (ASN.1) encoder.
“One of our associates, Huzaifa Sidhpurwala, found the issue while fuzzing the OpenSSL ASN.1 parser,” Josh Bressers, security strategist at Red Hat, told eWEEK. “Red Hat conducts a variety of reviews and scans of the software that we ship. In this instance, the OpenSSL package was singled out as a target for fuzzing, which found this issue.”
The vulnerability fixed by the OpenSSL project (identified as CVE-2016-2108) is, however, more complex than just the issue found by Sidhpurwala. “This vulnerability is a combination of two bugs, neither of which individually has security impact,” the OpenSSL advisory states.
The first bug is the one Sidhpurwala found, and the second is a mishandling of tags that was publicly reported on the OpenSSL issue tracker.
“The fact that these two issues combined present a security vulnerability was reported by David Benjamin (Google) on March 31st 2016,” the OpenSSL advisory explains. “The fixes were developed by Steve Henson of the OpenSSL development team, and David Benjamin.”
The other high impact flaw, CVE-2016-2107, is actually a vulnerability that was introduced by a patch for a different flaw fixed by OpenSSL in 2013. CVE-2016-2107 is officially titled “Padding Oracle in AES-NI CBC MAC Check” and is related to the “Lucky13” attack from 2013. The Lucky13 attack detailed a method by which TLS headers that include 13 bytes of data used for the secure handshake protocol could be exploited.
The Lucky13 attack and the new CVE-2016-2107 attack both exploit the cipher block chaining (CBC) cipher in TLS. The OpenSSL project credits security researcher Juraj Somorovsky, who used the open-source TLS-Attacker tool to find the flaw. There is now also an online tool to enable organizations to quickly and easily test to see if they are at risk from the CVE-2016-2107 flaw.
Patches are now available for the OpenSSL flaws.
“All unpatched systems have some level of risk, so we recommend that all security updates be applied to all systems in a timely manner,” Bressers said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.