OpenSSL issued a series of patches in conjunction with yesterday's disclosure of six vulnerabilities, including two of high severity.
The first high-severity flaw, CVE-2016-2107, allows adversaries to use a man-in-the-middle technique to initiate a padding oracle attack that can decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI. Such attacks exploit the "padding" process that expands variable-length plaintext messages so that their length fits what a block cipher requires.
Ironically, the vulnerability was created when OpenSSL previously issued a fix to prevent Lucky Thirteen timing attacks that can compromise TLS cryptography.
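The error-distinguishability pattern that turns a padding check into an oracle, as an added Python illustration (not OpenSSL's code and not the CVE-2016-2107 code path itself; the MAC key, the TLS 1.x-style MAC-then-pad record layout and the message are constructed for the demo): the leaky check reports bad padding with a different error than a bad MAC, while the hardened check always runs the MAC and returns a single error.

```python
import hashlib
import hmac

MAC_KEY = b"k" * 20   # constructed demo key, not a real secret
MAC_LEN = 20          # HMAC-SHA1 output length
BLOCK = 16            # AES block size


def tls_pad(data: bytes) -> bytes:
    """TLS 1.x CBC padding: a padding_length byte preceded by that many bytes of the same value."""
    padlen = BLOCK - (len(data) + 1) % BLOCK
    return data + bytes([padlen]) * (padlen + 1)


def build_record(msg: bytes) -> bytes:
    """MAC-then-pad, i.e. the plaintext a CBC record holds before encryption."""
    return tls_pad(msg + hmac.new(MAC_KEY, msg, hashlib.sha1).digest())


def check_record_leaky(plain: bytes) -> str:
    """Vulnerable pattern: a padding failure is reported differently from a MAC failure."""
    padlen = plain[-1]
    if padlen + 1 > len(plain) or any(b != padlen for b in plain[-(padlen + 1):]):
        return "decryption_failed"          # distinct outcome: this is the oracle
    body = plain[:-(padlen + 1)]
    msg, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    if not hmac.compare_digest(hmac.new(MAC_KEY, msg, hashlib.sha1).digest(), mac):
        return "bad_record_mac"
    return "ok"


def check_record_uniform(plain: bytes) -> str:
    """Hardened pattern (RFC 5246 6.2.3.2): bad padding is treated as zero-length padding,
    the MAC is always checked, and every failure yields the same error.
    Note: this masks the error type only; the timing side channel behind Lucky Thirteen
    needs constant-time code on top of this."""
    if len(plain) < MAC_LEN + 1:
        return "bad_record_mac"
    padlen = plain[-1]
    good_pad = padlen + 1 <= len(plain) - MAC_LEN and all(b == padlen for b in plain[-(padlen + 1):])
    body = plain[:len(plain) - (padlen if good_pad else 0) - 1]
    msg, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    mac_ok = hmac.compare_digest(hmac.new(MAC_KEY, msg, hashlib.sha1).digest(), mac)
    return "ok" if (good_pad and mac_ok) else "bad_record_mac"


def demo() -> dict:
    """Run both checks on a valid record, one with corrupted padding and one with a corrupted MAC."""
    good = build_record(b"GET / HTTP/1.1")                    # constructed 14-byte message
    bad_pad = good[:-1] + bytes([good[-1] ^ 0xFF])            # corrupt the padding_length byte
    bad_mac = bytes(b ^ 0xFF if i == 14 else b for i, b in enumerate(good))  # corrupt a MAC byte
    return {name: (check_record_leaky(r), check_record_uniform(r))
            for name, r in (("good", good), ("bad_pad", bad_pad), ("bad_mac", bad_mac))}
```

Only the leaky checker lets an observer tell a padding failure from a MAC failure; the uniform checker returns the same alert for both.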
The second major vulnerability, CVE-2016-2108, affected versions of OpenSSL issued prior to April 2015. The bug causing it was fixed back in June 2015, but more information has now come to light on its security implications. According to OpenSSL, the bug was in its implementation of ASN.1, the standard for encoding, transmitting and decoding data, and could have been exploited to trigger memory corruption.