Описание
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC is a possible workaround.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| impish | ignored | end of life |
| jammy | needs-triage | |
| kinetic | DNE | |
| lunar | DNE |
Показывать по
Ссылки на источники
5 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is a possible workaround.
GOST engine is a reference implementation of the Russian GOST crypto a ...
Уязвимость реализации алгоритма шифрования по ГОСТ 34.12 библиотеки CTR_OMAC, применяемой при реализации протокола OpenSSL, позволяющая нарушителю вызвать переполнение буфера при условии, что сервер использует 512-битные секретные ключи
5 Medium
CVSS2
5.9 Medium
CVSS3