CVE-2016-1000342
Published: 4 June 2018
In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.
Priority
Status
Package | Release | Status |
---|---|---|
bouncycastle Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(1.57-1)
|
bionic |
Not vulnerable
(1.59-1)
|
|
cosmic |
Not vulnerable
(1.60-1)
|
|
disco |
Not vulnerable
(1.60-1)
|
|
eoan |
Not vulnerable
(1.60-1)
|
|
focal |
Not vulnerable
(1.60-1)
|
|
groovy |
Not vulnerable
(1.60-1)
|
|
hirsute |
Not vulnerable
(1.60-1)
|
|
impish |
Not vulnerable
(1.60-1)
|
|
jammy |
Not vulnerable
(1.60-1)
|
|
kinetic |
Not vulnerable
(1.60-1)
|
|
lunar |
Not vulnerable
(1.60-1)
|
|
trusty |
Released
(1.49+dfsg-2ubuntu0.1)
|
|
upstream |
Released
(1.56-1)
|
|
xenial |
Needed
|
|
Patches: upstream: https://github.com/bcgit/bc-java/commit/843c2e60f67d71faf81d236f448ebbe56c62c647 |
Severity score breakdown
Parameter | Value |
---|---|
Base score | 7.5 |
Attack vector | Network |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity impact | High |
Availability impact | None |
Vector | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |