RSS   Vulnerabilities for 'Matrixssl'   RSS

2020-12-30
 
CVE-2019-16747

CWE-787
 

 
In MatrixSSL before 4.2.2 Open, the DTLS server can encounter an invalid pointer free (leading to memory corruption and a daemon crash) via a crafted incoming network message, a different vulnerability than CVE-2019-14431.

 
2019-10-03
 
CVE-2019-13629

CWE-327
 

 
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This allows a local or a remote attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because crypto/pubkey/ecc_math.c scalar multiplication leaks the bit length of the scalar.

 
2019-07-29
 
CVE-2019-14431

CWE-119
 

 
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message.

 
2019-07-09
 
CVE-2019-13470

CWE-125
 

 
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.

 
2019-04-08
 
CVE-2019-10914

CWE-119
 

 
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.

 
2018-06-14
 
CVE-2018-12439

CWE-200
 

 
MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

 
 
CVE-2018-12438

CWE-320
 

 
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

 
 
CVE-2018-12437

CWE-320
 

 
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

 
 
CVE-2018-12433

CWE-320
 

 
** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. NOTE: the vendor does not include side-channel attacks within its threat model.

 
2018-01-22
 
CVE-2017-1000417

CWE-295
 

 
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

 


Copyright 2022, cxsecurity.com

 

Back to Top