We ran into an SSL problem on an Intel Celeron N3350, even with the latest nodejs versions (v7.9.0, v4.8.2, v6.10.2), which might be caused by an invalid MAC calculation.
Is this fix already active?
As for the recent openssl-1.1.0 security advisory in https://www.openssl.org/news/secadv/20161110.txt, "Montgomery multiplication may produce incorrect results (CVE-2016-7055)" also affects openssl-1.0.2 and it is scored as low severity.
It is already fixed in the current 1.0.2 branch as openssl/openssl@57c4b9f but it is not released yet due to its low severity.
The original issue report is openssl/openssl#1774 and Node is affected in RSA, DH and ECDH computing in the crypto module when an Intel CPU later than Broadwell is used. We confirmed an RSA encryption/decryption failure in Node by using the reported data on Skylake. The failure depends on its crypto parameters, data and CPU but we don't know how many users are affected.
The release date of the new openssl-1.0.2k is not yet announced. If it is reported that some users are affected by this issue, we can fix it by applying a floating patch before the official release of openssl.