Your submission was sent successfully! Close

CVE-2016-2107

Published: 3 May 2016

The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.

Priority

High

CVSS 3 base score: 5.9

Status

Package Release Status
openssl
Launchpad, Ubuntu, Debian
artful
Released (1.0.2g-1ubuntu5)
bionic
Released (1.0.2g-1ubuntu5)
cosmic
Released (1.0.2g-1ubuntu5)
disco
Released (1.0.2g-1ubuntu5)
precise
Released (1.0.1-4ubuntu5.36)
trusty
Released (1.0.1f-1ubuntu2.19)
upstream
Released (1.0.1t, 1.0.2h)
wily
Released (1.0.2d-0ubuntu1.5)
xenial
Released (1.0.2g-1ubuntu4.1)
yakkety
Released (1.0.2g-1ubuntu5)
zesty
Released (1.0.2g-1ubuntu5)
openssl098
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

cosmic Does not exist

disco Does not exist

precise Does not exist
(precise was needs-triage)
trusty Does not exist
(trusty was needs-triage)
upstream Needs triage

wily Does not exist

xenial Does not exist

yakkety Does not exist

zesty Does not exist