{"id":"MGASA-2016-0102","summary":"Updated botan packages fix security vulnerability","details":"The BER decoder would crash due to reading from offset 0 of an empty\nvector if it encountered a BIT STRING which did not contain any data at\nall. This can be used to easily crash applicatons reading untrusted ASN.1\ndata, but does not seem exploitable for code execution (CVE-2015-5726).\n\nThe BER decoder would allocate a fairly arbitrary amount of memory in a\nlength field, even if there was no chance the read request would succeed.\nThis might cause the process to run out of memory or invoke the OOM killer\n(CVE-2015-5727).\n\nThe ressol function implements the Tonelli-Shanks algorithm for finding\nsquare roots could be sent into a nearly infinite loop due to a misplaced\nconditional check. This could occur if a composite modulus is provided, as\nthis algorithm is only defined for primes. This function is exposed to\nattacker controlled input via the OS2ECP function during ECC point\ndecompression (CVE-2016-2194).\n\nThe PointGFp constructor did not check that the affine coordinate\narguments were less than the prime, but then in curve multiplication\nassumed that both arguments if multiplied would fit into an integer twice\nthe size of the prime. The bigint_mul and bigint_sqr functions received\nthe size of the output buffer, but only used it to dispatch to a faster\nalgorithm in cases where there was sufficient output space to call an\nunrolled multiplication function. The result is a heap overflow accessible\nvia ECC point decoding, which accepted untrusted inputs. This is likely\nexploitable for remote code execution. On systems which use the mlock pool\nallocator, it would allow an attacker to overwrite memory held in\nsecure_vector objects. After this point the write will hit the guard page\nat the end of the mmap'ed region so it probably could not be used for code\nexecution directly, but would allow overwriting adjacent key material\n(CVE-2016-2195).\n","modified":"2026-04-16T06:24:43.097987904Z","published":"2016-03-07T21:51:48Z","upstream":["CVE-2015-5726","CVE-2015-5727","CVE-2016-2194","CVE-2016-2195"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0102.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17737"},{"type":"WEB","url":"http://botan.randombit.net/security.html"}],"affected":[{"package":{"name":"botan","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/botan?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.10.12-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0102.json"}},{"package":{"name":"monotone","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/monotone?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1-4.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0102.json"}},{"package":{"name":"softhsm","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/softhsm?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.4-5.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0102.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}