CVE-2016-6129

EPSS 0.15%
Published 13.02.2017 18:59:00
Last modified 20.04.2025 01:37:25
Source cve@mitre.org
Teams watchlist Login
Open Login

The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack.

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Op-tee ≫ Op-tee Os Version <= 2.1.0

Libtom ≫ Libtomcrypt Version <= 1.17

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.15%	0.315

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://bugzilla.redhat.com/show_bug.cgi?id=1370955

Patch

Issue Tracking

https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd0

Patch

Third Party Advisory

Issue Tracking

https://www.op-tee.org/advisories/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2016-6129

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-6129

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-6129

EUVD