openssl-1.0.2k-26.0.6.el7.AXS7
Errata ID: AXSA:2025-10997:05
Release date:
2025/10/28 Tuesday - 10:02
Title:
openssl-1.0.2k-26.0.6.el7.AXS7
Affected channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- In OpenSSL, when an EC group is constructed from explicit parameters instead of a named curve, a group without a cofactor can be specified. When such a curve is used, OpenSSL falls back to code paths that are not resistant to side-channel attacks, so an attacker can mount a side-channel attack. (CVE-2019-1547)
- OpenSSL has an out-of-bounds memory access issue that allows a remote attacker to cause a denial of service and execute arbitrary code. (CVE-2025-9230)
Solution:
Update the package.
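A practical follow-up to "update the package" is confirming that every host actually carries a release at or above the fixed one. The following added example (not part of the advisory, and not Asianux or rpm code) reimplements rpm's version-comparison rules in Python so that inventory data can be checked offline; the host inventory is constructed, and on a real system the installed string would come from `rpm -q --qf '%{VERSION}-%{RELEASE}' openssl`. The fixed release string is the one named by this errata.

```python
"""Check whether installed openssl packages are at or above the errata's fixed
release, using rpm's comparison rules: digit runs compare numerically, letter
runs lexically, a digit run beats a letter run, '~' sorts before anything,
and extra trailing segments sort higher. Constructed example; the inventory
below is made up."""
import re

FIXED_EVR = "1.0.2k-26.0.6.el7.AXS7"   # version-release from this advisory


def _is_segment_char(c):
    """rpm treats ASCII alphanumerics as segment content and '~' specially."""
    return c == "~" or (c.isascii() and c.isalnum())


def rpmvercmp(a, b):
    """Return -1, 0 or 1 like librpm's rpmvercmp (caret handling omitted)."""
    if a == b:
        return 0
    i = j = 0
    while i < len(a) or j < len(b):
        # Anything that is not a segment character is a separator and skipped.
        while i < len(a) and not _is_segment_char(a[i]):
            i += 1
        while j < len(b) and not _is_segment_char(b[j]):
            j += 1
        a_tilde = i < len(a) and a[i] == "~"
        b_tilde = j < len(b) and b[j] == "~"
        if a_tilde or b_tilde:          # '~' is older than anything, even end of string
            if not a_tilde:
                return 1
            if not b_tilde:
                return -1
            i, j = i + 1, j + 1
            continue
        if i >= len(a) or j >= len(b):
            break
        numeric = "0" <= a[i] <= "9"
        pat = r"[0-9]+" if numeric else r"[A-Za-z]+"
        ma, mb = re.match(pat, a[i:]), re.match(pat, b[j:])
        if mb is None:                  # segment types differ: numeric is newer
            return 1 if numeric else -1
        sa, sb = ma.group(0), mb.group(0)
        i, j = i + len(sa), j + len(sb)
        if numeric:
            sa, sb = sa.lstrip("0"), sb.lstrip("0")
            if len(sa) != len(sb):
                return 1 if len(sa) > len(sb) else -1
        if sa != sb:
            return 1 if sa > sb else -1
    if i >= len(a) and j >= len(b):
        return 0
    return -1 if i >= len(a) else 1


def evr_at_least(installed, fixed):
    """Both arguments are 'version-release'; version decides first, then release."""
    iv, _, ir = installed.partition("-")
    fv, _, fr = fixed.partition("-")
    c = rpmvercmp(iv, fv)
    if c == 0:
        c = rpmvercmp(ir, fr)
    return c >= 0


def check_hosts(inventory, fixed=FIXED_EVR):
    """Map host -> True if its installed EVR satisfies the errata."""
    return {host: evr_at_least(evr, fixed) for host, evr in inventory.items()}


if __name__ == "__main__":
    # Constructed inventory: hostnames and installed versions are made up.
    sample = {
        "web-01": "1.0.2k-26.0.6.el7.AXS7",
        "web-02": "1.0.2k-26.0.5.el7.AXS7",
        "db-01": "1.0.2k-27.el7.AXS7",
    }
    for host, ok in check_hosts(sample).items():
        print(host, "patched" if ok else "NEEDS UPDATE")
```

Epoch is ignored here because the advisory lists none; if a rebuilt package ever carries one, compare it before the version, as rpm does.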
CVE:
CVE-2019-1547
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
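The description above hinges on one structural property of key material: whether the ECParameters blob is a named-curve OID or an explicit SpecifiedECDomain, and in the explicit case whether the optional cofactor INTEGER is present. The following added example (not OpenSSL code, nor part of the advisory) is a small DER classifier a defender can run over EC parameter files or embedded key parameters to find the "explicit, no cofactor" shape that sends affected libcrypto versions down the non-constant-time path. The DER helpers, the toy explicit curve over GF(23) and the sample PEM are constructed here; the two OID encodings are the real ones for prime256v1 and prime-field.

```python
"""Classify DER/PEM ECParameters as named-curve, explicit-with-cofactor or
explicit-without-cofactor (the CVE-2019-1547 trigger condition).
Constructed example; the DER helpers and toy curve are not OpenSSL code."""
import base64
import re

# Real DER encodings: the prime256v1 curve OID and the prime-field OID.
PRIME256V1_OID_DER = bytes.fromhex("06082a8648ce3d030107")
PRIME_FIELD_OID_DER = bytes.fromhex("06072a8648ce3d0101")


def der_tlv(tag, value):
    """Encode one DER element with short- or long-form length."""
    if len(value) < 0x80:
        return bytes([tag, len(value)]) + value
    lb = len(value).to_bytes((len(value).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value


def der_int(n):
    """DER INTEGER for a non-negative int (keeps a leading zero when the high bit is set)."""
    return der_tlv(0x02, n.to_bytes((n.bit_length() + 8) // 8, "big"))


def der_read(data, off=0):
    """Decode one element at off; returns (tag, value, next_offset)."""
    tag, length, pos = data[off], data[off + 1], off + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(data[pos:pos + n], "big"), pos + n
    value = data[pos:pos + length]
    if len(value) != length:
        raise ValueError("truncated DER element")
    return tag, value, pos + length


def der_children(value):
    """Split the content of a SEQUENCE into (tag, value) pairs."""
    out, off = [], 0
    while off < len(value):
        tag, val, off = der_read(value, off)
        out.append((tag, val))
    return out


def pem_to_der(text):
    """Extract and decode the body of an 'EC PARAMETERS' PEM block."""
    m = re.search(r"-----BEGIN EC PARAMETERS-----(.*?)-----END EC PARAMETERS-----", text, re.S)
    if not m:
        raise ValueError("no EC PARAMETERS block")
    return base64.b64decode("".join(m.group(1).split()))


def classify_ec_parameters(der):
    """ECParameters is a CHOICE: OID (named curve), NULL (implicitlyCA) or
    SEQUENCE SpecifiedECDomain { version, fieldID, curve, base, order,
    cofactor INTEGER OPTIONAL, hash OPTIONAL }. The cofactor is what the
    side-channel resistant paths in affected OpenSSL releases rely on."""
    tag, value, end = der_read(der)
    if end != len(der):
        raise ValueError("trailing bytes after ECParameters")
    if tag == 0x06:
        return "named-curve"
    if tag == 0x05:
        return "implicitly-ca"
    if tag != 0x30:
        raise ValueError("unexpected ECParameters tag 0x%02x" % tag)
    fields = der_children(value)
    if len(fields) < 5:
        raise ValueError("malformed SpecifiedECDomain")
    if len(fields) >= 6 and fields[5][0] == 0x02:   # sixth element must be the INTEGER cofactor
        return "explicit-with-cofactor"
    return "explicit-without-cofactor"


def build_toy_explicit_params(cofactor=None):
    """Constructed SpecifiedECDomain for the toy curve y^2 = x^3 + x + 1 over
    GF(23) with base point (3, 10); order and cofactor values are illustrative."""
    field_id = der_tlv(0x30, PRIME_FIELD_OID_DER + der_int(23))
    curve = der_tlv(0x30, der_tlv(0x04, b"\x01") + der_tlv(0x04, b"\x01"))
    base = der_tlv(0x04, b"\x04\x03\x0a")                 # uncompressed point (3, 10)
    body = der_int(1) + field_id + curve + base + der_int(28)
    if cofactor is not None:
        body += der_int(cofactor)
    return der_tlv(0x30, body)


# Constructed PEM holding the named-curve form (base64 of PRIME256V1_OID_DER).
NAMED_CURVE_PEM = ("-----BEGIN EC PARAMETERS-----\nBggqhkjOPQMBBw==\n"
                   "-----END EC PARAMETERS-----\n")


def scan(samples):
    """Map label -> classification; 'explicit-without-cofactor' is the one to flag."""
    return {label: classify_ec_parameters(der) for label, der in samples.items()}


if __name__ == "__main__":
    results = scan({
        "named": pem_to_der(NAMED_CURVE_PEM),
        "explicit-cofactor": build_toy_explicit_params(cofactor=1),
        "explicit-no-cofactor": build_toy_explicit_params(),
    })
    for label, kind in results.items():
        print(label, "->", kind)
```

As the description notes, libssl never uses explicit parameters, so this check matters for applications that load EC keys or parameters through libcrypto directly; the remediation on an unpatched host is to re-encode such material with a named curve or, better, apply this errata.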
CVE-2025-9230
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.
Additional information:
N/A
Downloads:
Asianux Server 7 for x86_64
- openssl-1.0.2k-26.0.6.el7.AXS7.x86_64.rpm
  MD5: 56e780278db25f643c76ea4b8e545f1c
  SHA-256: 6cfef27bc762796bbb739ed72e4677ca3915aa576054f875cb3cddd5d162e730
  Size: 495.17 kB
- openssl-devel-1.0.2k-26.0.6.el7.AXS7.i686.rpm
  MD5: fc09b53a6a303db1f27a22cd2e60fe4f
  SHA-256: 5b9db8d9c902ac2107ba5020a353afa30ac0ab4da39f68e8e290cf7a0f83e0a8
  Size: 1.51 MB
- openssl-devel-1.0.2k-26.0.6.el7.AXS7.x86_64.rpm
  MD5: fdac20778b021aa38ace392320171c6a
  SHA-256: 8c2ca0179726bc342437c7708b97d2e0bb3d5c67d86f7bfd5b8100105a868443
  Size: 1.51 MB
- openssl-libs-1.0.2k-26.0.6.el7.AXS7.i686.rpm
  MD5: 27cb211163f5cd2c253b853e31426ce9
  SHA-256: afe48954e55c7d180cc136b9740409575a602a4b458045336c7cdb9d8d1d3457
  Size: 0.98 MB
- openssl-libs-1.0.2k-26.0.6.el7.AXS7.x86_64.rpm
  MD5: 24568d8e8965cb318f1ab153c82726e1
  SHA-256: de4f3aee6a15dbd9a017e390b99258875849f6e46745ac33b4b835ecdb0c7cb6
  Size: 1.20 MB
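The checksums above are only useful if they are actually compared against what was downloaded before installation. The following added example (not part of the advisory, not Asianux tooling) parses the download list into a manifest and verifies a package file against it, treating SHA-256 as the authoritative digest and MD5 as a secondary consistency check. The manifest text is copied from this errata; the package file it verifies is a constructed stand-in, so the verification against the advisory is expected to fail, and a second check against the file's own digests shows the passing path.

```python
"""Verify downloaded RPMs against the MD5/SHA-256 values of an errata download
list. Constructed example: the manifest text is the advisory's, the sample
file written in demo() is not the real package."""
import hashlib
import os
import tempfile

ADVISORY_MANIFEST = """\
- openssl-1.0.2k-26.0.6.el7.AXS7.x86_64.rpm
  MD5: 56e780278db25f643c76ea4b8e545f1c
  SHA-256: 6cfef27bc762796bbb739ed72e4677ca3915aa576054f875cb3cddd5d162e730
  Size: 495.17 kB
- openssl-devel-1.0.2k-26.0.6.el7.AXS7.i686.rpm
  MD5: fc09b53a6a303db1f27a22cd2e60fe4f
  SHA-256: 5b9db8d9c902ac2107ba5020a353afa30ac0ab4da39f68e8e290cf7a0f83e0a8
  Size: 1.51 MB
- openssl-devel-1.0.2k-26.0.6.el7.AXS7.x86_64.rpm
  MD5: fdac20778b021aa38ace392320171c6a
  SHA-256: 8c2ca0179726bc342437c7708b97d2e0bb3d5c67d86f7bfd5b8100105a868443
  Size: 1.51 MB
- openssl-libs-1.0.2k-26.0.6.el7.AXS7.i686.rpm
  MD5: 27cb211163f5cd2c253b853e31426ce9
  SHA-256: afe48954e55c7d180cc136b9740409575a602a4b458045336c7cdb9d8d1d3457
  Size: 0.98 MB
- openssl-libs-1.0.2k-26.0.6.el7.AXS7.x86_64.rpm
  MD5: 24568d8e8965cb318f1ab153c82726e1
  SHA-256: de4f3aee6a15dbd9a017e390b99258875849f6e46745ac33b4b835ecdb0c7cb6
  Size: 1.20 MB
"""


def parse_manifest(text):
    """Return {filename: {"md5": ..., "sha256": ..., "size": ...}} from the list."""
    entries, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("- "):
            current = line[2:].strip()
            entries[current] = {}
        elif current and ":" in line:
            key, _, value = line.partition(":")
            entries[current][key.strip().lower().replace("-", "")] = value.strip()
    return entries


def file_digests(path):
    """Stream the file once and return (md5_hex, sha256_hex)."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 16), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return md5.hexdigest(), sha256.hexdigest()


def verify_file(path, entries):
    """Return (ok, reason). SHA-256 decides; an MD5 mismatch alone is still reported."""
    name = os.path.basename(path)
    expected = entries.get(name)
    if expected is None:
        return False, "not listed in advisory"
    md5, sha256 = file_digests(path)
    if sha256 != expected["sha256"].lower():
        return False, "SHA-256 mismatch"
    if md5 != expected["md5"].lower():
        return False, "MD5 mismatch"
    return True, "ok"


def demo():
    """Write a constructed stand-in file and verify it against the advisory
    (fails, the bytes are not the real package) and against its own digests."""
    entries = parse_manifest(ADVISORY_MANIFEST)
    name = "openssl-libs-1.0.2k-26.0.6.el7.AXS7.x86_64.rpm"
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, name)
        with open(path, "wb") as fh:
            fh.write(b"constructed sample bytes, not the real rpm\n")
        tampered = verify_file(path, entries)
        md5, sha256 = file_digests(path)
        consistent = verify_file(path, {name: {"md5": md5, "sha256": sha256}})
    return {"tampered": tampered, "consistent": consistent}


if __name__ == "__main__":
    for label, (ok, reason) in demo().items():
        print(label, "->", "PASS" if ok else "FAIL", reason)
```

On a real host the same `verify_file` call is run on each downloaded rpm before `rpm -U` or `yum localinstall`; the package signature check that rpm performs on installation complements, rather than replaces, this comparison against the advisory's published digests.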