CVE-2019-1551
CVE-2019-1551 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. There is an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. EPSS estimates a 14.30% chance of exploitation in the next 30 days.
Description
There is an overflow bug in the x86_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Applications that directly use the low-level API BN_mod_exp may also be affected if they set BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (affected: 1.1.1 through 1.1.1d). Fixed in OpenSSL 1.0.2u (affected: 1.0.2 through 1.0.2t).
Metrics
CVSS v3.1 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Openssl | Openssl | >= 1.0.2, <= 1.0.2t |
| Openssl | Openssl | >= 1.1.1, <= 1.1.1d |
| Opensuse | Leap | 15.1 |
| Oracle | Enterprise Manager Ops Center | 12.4.0.0 |
| Oracle | Mysql Enterprise Monitor | <= 4.0.12 |
| Oracle | Mysql Enterprise Monitor | >= 8.0.0, <= 8.0.20 |
| Oracle | Peoplesoft Enterprise Peopletools | 8.56 |
| Oracle | Peoplesoft Enterprise Peopletools | 8.57 |
| Oracle | Peoplesoft Enterprise Peopletools | 8.58 |
| Canonical | Ubuntu Linux | 16.04 |
| Canonical | Ubuntu Linux | 18.04 |
| Canonical | Ubuntu Linux | 19.10 |
| Fedoraproject | Fedora | 30 |
| Fedoraproject | Fedora | 31 |
| Fedoraproject | Fedora | 32 |
| Debian | Debian Linux | 9.0 |
| Debian | Debian Linux | 10.0 |
| Tenable | Log Correlation Engine | < 6.0.9 |
References
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html (Mailing List, Third Party Advisory)
- http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html (Third Party Advisory, VDB Entry)
- https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html (Mailing List, Third Party Advisory)
- https://seclists.org/bugtraq/2019/Dec/39 (Mailing List, Third Party Advisory)
- https://seclists.org/bugtraq/2019/Dec/46 (Mailing List, Third Party Advisory)
- https://security.gentoo.org/glsa/202004-10 (Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20191210-0001/ (Third Party Advisory)
- https://usn.ubuntu.com/4376-1/ (Third Party Advisory)
- https://usn.ubuntu.com/4504-1/ (Third Party Advisory)
- https://www.debian.org/security/2019/dsa-4594 (Third Party Advisory)
- https://www.debian.org/security/2021/dsa-4855 (Third Party Advisory)
- https://www.openssl.org/news/secadv/20191206.txt (Vendor Advisory)
- https://www.oracle.com/security-alerts/cpuApr2021.html (Patch, Third Party Advisory)
- https://www.oracle.com/security-alerts/cpujan2021.html (Patch, Third Party Advisory)
- https://www.oracle.com/security-alerts/cpujul2020.html (Patch, Third Party Advisory)
- https://www.tenable.com/security/tns-2019-09 (Third Party Advisory)
- https://www.tenable.com/security/tns-2020-03 (Third Party Advisory)
- https://www.tenable.com/security/tns-2020-11 (Third Party Advisory)
- https://www.tenable.com/security/tns-2021-10 (Third Party Advisory)
Source: NVD / NIST
