CVE-2017-3738

CWE-200Information ExposureCWE-190Integer Overflow13 documents9 sources
Severity
5.9MEDIUM
EPSS
15.5%
top 5.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Nodejs Node.jsOpenssl Software Foundation OpensslDebian Debian Linux+1 more
Timeline
PublishedDec 7
Latest updateMay 14

Description

There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack w

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages5 packages

Debianopenssl< 1.1.0h-1+3
Ubuntuopenssl< 1.0.2g-1ubuntu4.10
NVDopenssl/openssl22 versions+21
CVEListV5openssl_software_foundation/openssl1.0.2-1.02m, 1.1.0-1.1.0g+1
NVDnodejs/node.js4.2.04.8.7+6

Also affects: Debian Linux 8.0, 9.0

Patches

Patch: www.oracle.comPatch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

4
GHSA
GHSA-gj3m-w8pf-46c5: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli2022-05-14
OSV
openssl vulnerabilities2017-12-11
CVEList
CVE-2017-3738: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli2017-12-07
OSV
CVE-2017-3738: There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli2017-12-07

📋Vendor Advisories

4
Ubuntu
OpenSSL vulnerabilities2017-12-11
BSD
FreeBSD-SA-17:12.openssl: OpenSSL multiple vulnerabilities2017-12-09
Red Hat
openssl: rsaz_1024_mul_avx2 overflow bug on x86_642017-12-07
Debian
CVE-2017-3738: openssl - There is an overflow bug in the AVX2 Montgomery multiplication procedure used in...2017

💬Community

4
Bugzilla
CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [fedora-all]2017-12-08
Bugzilla
CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 [fedora-all]2017-12-08
Bugzilla
CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_642017-12-08
Bugzilla
CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [epel-7]2017-12-08
CVE-2017-3738 (MEDIUM CVSS 5.9) | There is an overflow bug in the AVX | cvebase.io