CVE-2015-3193

Summary

CVE	CVE-2015-3193
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2015-12-06 20:59:00 UTC
Updated	2023-02-13 00:47:00 UTC
Description	The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to obtain sensitive private-key information via an attack against use of a (1) Diffie-Hellman (DH) or (2) Diffie-Hellman Ephemeral (DHE) ciphersuite.

Risk And Classification

Problem Types: CWE-200

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Canonical	Ubuntu Linux	12.04	All	All	All
Operating System	Canonical	Ubuntu Linux	14.04	All	All	All
Operating System	Canonical	Ubuntu Linux	15.04	All	All	All
Operating System	Canonical	Ubuntu Linux	15.10	All	All	All
Application	Nodejs	Node.js	All	All	All	All
Application	Nodejs	Node.js	All	All	All	All
Application	Nodejs	Node.js	All	All	All	All
Application	Openssl	Openssl	1.0.2	All	All	All
Application	Openssl	Openssl	1.0.2a	All	All	All
Application	Openssl	Openssl	1.0.2b	All	All	All
Application	Openssl	Openssl	1.0.2c	All	All	All
Application	Openssl	Openssl	1.0.2d	All	All	All
Application	Openssl	Openssl	1.0.2	All	All	All
Application	Openssl	Openssl	1.0.2a	All	All	All
Application	Openssl	Openssl	1.0.2b	All	All	All
Application	Openssl	Openssl	1.0.2c	All	All	All
Application	Openssl	Openssl	1.0.2d	All	All	All

References

Reference	Source	Link	Tags
Oracle Critical Patch Update Advisory - April 2016	CONFIRM	www.oracle.com
USN-2830-1: OpenSSL vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
404 Page not found	CONFIRM	kb.isc.org
Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products	CISCO	tools.cisco.com
Oracle Critical Patch Update - July 2016	CONFIRM	www.oracle.com
openssl.org/news/secadv/20151203.txt	CONFIRM	openssl.org	Vendor Advisory
git.openssl.org Git - openssl.git/commit	MISC	git.openssl.org
Oracle July 2016 Critical Patch Update Multiple Vulnerabilities	BID	www.securityfocus.com
git.openssl.org Git - openssl.git/commit	CONFIRM	git.openssl.org
Malformed Request	BID	www.securityfocus.com
FortiGuard.com \| OpenSSL Advisory - December 2015	CONFIRM	fortiguard.com
The Slackware Linux Project: Slackware Security Advisories	SLACKWARE	www.slackware.com
Fuzzing Math - miscalculations in OpenSSL's BN_mod_exp (CVE-2015-3193) \| The Fuzzing Project	MISC	blog.fuzzing-project.org
Bug 1288317 – CVE-2015-3193 OpenSSL: BN_mod_exp may produce incorrect results on x86_64	CONFIRM	bugzilla.redhat.com
Public KB - SA40100 - [Pulse Secure] December 3rd 2015 OpenSSL Security Advisory	CONFIRM	kb.pulsesecure.net
2016-10 Security Bulletin: CTPView: Multiple vulnerabilities in CTPView - Juniper Networks	CONFIRM	kb.juniper.net
cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	CONFIRM	cert-portal.siemens.com
Document Display \| HPE Support Center	CONFIRM	h20566.www2.hpe.com
FortiGuard.com \| OpenSSL Advisory - December 2015	CONFIRM	www.fortiguard.com
Juniper Networks - 2016-10 Security Bulletin: OpenSSL security updates	CONFIRM	kb.juniper.net
OpenSSL Multiple Bugs Let Remote Users Deny Service and Obtain Potentially Sensitive Information - SecurityTracker	SECTRACK	www.securitytracker.com
The Slackware Linux Project: Slackware Security Advisories	SLACKWARE	www.slackware.com
Oracle Critical Patch Update - October 2017	CONFIRM	www.oracle.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

591280 Siemens SCALANCE X-200RNA Switch Devices Denial of Service (DoS) Multiple Vulnerabilities (ICSA-22-349-21, SSA-412672)