漏洞类别:Amazon Linux
漏洞等级: 
漏洞信息
possible OP-TEE Bleichenbacher attack:
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack. (CVE-2016-6129 )
QID Detection Logic:
This authenticated QID verifies if the version of the following files is lesser than 1.17-25.4.amzn1 and 0.42.0-5.3.3.amzn1: libtomcrypt, libtommath, libtomcrypt-debuginfo, libtommath-debuginfo, libtomcrypt-devel, libtommath-devel
漏洞危害
Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service.
解决方案
Please refer to Amazon advisory ALAS-2017-864 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论