Today there were multiple vulnerabilities released in OpenSSL, a cryptographic library used by most secure websites. There has been advance notice that an announcement would be forthcoming, although the contents of the vulnerabilities were kept closely controlled and shared only with major operating system vendors until this notice.
Based on our analysis of the vulnerabilities and how we use the OpenSSL library, this batch of vulnerabilities primarily affects users as a “Denial of Service” possibility (it could cause web-servers to crash), rather than as an information disclosure vulnerability. Customer traffic and customer SSL keys continue to be protected.
As is good security practice, we have quickly tested the patched version and begun a push to our production environment, to be completed before midday today.
The individual vulnerabilities included in this announcement are:
- OpenSSL 1.0.2 ClientHello sigalgs DoS (CVE-2015-0291)
- Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
- Multiblock corrupted pointer (CVE-2015-0290)
- Segmentation fault in DTLSv1_listen (CVE-2015-0207)
- Segmentation fault in ASN1TYPEcmp (CVE-2015-0286)
- Segmentation fault for invalid PSS parameters (CVE-2015-0208)
- ASN.1 structure reuse memory corruption (CVE-2015-0287)
- PKCS7 NULL pointer dereferences (CVE-2015-0289)
- Base64 decode (CVE-2015-0292)
- DoS via reachable assert in SSLv2 servers (CVE-2015-0293)
- Empty CKE with client auth and DHE (CVE-2015-1787)
- Handshake with unseeded PRNG (CVE-2015-0285)
- Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
- X509toX509_REQ NULL pointer deref (CVE-2015-0288)
We thank the OpenSSL project and the individual vulnerability reporters for finding, disclosing, and re-mediating these problems. All software has bugs, sometimes security critical bugs, and having a good process for handling them once identified is a necessary part of the world of computer software.