CVE-2016-6129
CVE-2016-6129 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack. EPSS estimates a 0.78% chance of exploitation in the next 30 days.
Description
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Trustedfirmware | OP-TEE | < 2.2.0 |
| Libtom | LibTomCrypt | <= 1.17 |
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1370955 (Issue Tracking, Patch)
- https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd0 (Issue Tracking, Patch, Third Party Advisory)
- https://www.op-tee.org/advisories/ (Vendor Advisory)
Timeline
- Status: Analyzed
Source: NVD / NIST
