CVE-2022-0778 BN_mod_sqrt() contains a bug that can cause it to loop for non-prime moduli.

CVE-2022-0778 BN_mod_sqrt() contains a bug that can cause it to loop for non-prime moduli.

that trigger the infinite loop. When triggered in this way, BN_mod_sqrt() will loop forever and consume excessive CPU and memory resources, possibly crashing software using the function. The symptom of an infinite loop in BN_mod_sqrt() is that the calling process will consume huge amounts of CPU and memory before terminating with an error message about out of memory. Unfortunately, the cause of this issue is poorly understood, and it is not yet known how widely it may be encountered.

Credit

Card Payment Systems
A Credit Card Payment System is an online payment processing system that allows businesses to collect payments from customers by using credit cards. There are two types of credit card payment systems: a Merchant Interface, which is the software that collects payments and tells the business how much money to charge the customer, and a Host Processor, which is a company that provides this service for businesses.

Vulnerability Symptoms and Detection Guidelines

The vulnerability is triggered by writing to a BIGNUM* that triggers the infinite loop. When triggered in this way, BN_mod_sqrt() will loop forever and consume excessive CPU and memory resources, possibly crashing software using the function. The symptom of an infinite loop in BN_mod_sqrt() is that the calling process will consume huge amounts of CPU and memory before terminating with an error message about out of memory. Unfortunately, the cause of this issue is poorly understood, and it is not yet known how widely it may be encountered.
When running applications that use BN_mod_sqrt(), it may be possible to determine if they are vulnerable by checking for a sequence of function calls from their main function to bn_divmod(). If these calls are present, then there is a possibility the program has been affected. Software can also check for presence of a sequence of functions called from bn_divmod() to bn-sqr(). If these functions are present, then there is a higher probability that the program has been affected by this vulnerability.

Mitigation Strategies

In order to mitigate this issue, there are three possible strategies that may be employed:
-Disabling the BN_mod_sqrt() function in software that uses it
-Changing the way BN_mod_sqrt() is used in software that uses it
-Using a different function, such as PKCS#1v1.5 (PKCS#1 v1.5), which is not known to contain an infinite loop

Vulnerability Details

The vulnerability affects OpenSSL versions 1.0.2 through 1.1.0, that is, versions currently installed in many Linux distributions and versions of the software used in many web servers. OpenSSL does not provide a way to disable this function or limit its maximum number of iterations through an interface, which means that software that uses OpenSSL must either be patched or disabled entirely to prevent an infinite loop from occurring,

OpenVPN: Why You Should Switch To OpenVPN
Virtually every technology company has been hit by the Panama leak and it's consequences so far, but possibly none as much as VPN companies like VPNDirector. This is because they use a proprietary protocol called "Point-to-Point Tunneling Protocol" (PPTP) and are now facing a legal battle with the security community due to their continued reliance on PPTP. Now is the time for you to switch!
One of the key advantages of using OpenVPN over traditional VPN protocols is that it can be configured to work on most operating systems with minimal configuration changes required. For example, if you're using Windows 10 Pro (or Windows 7), then all you need is a single command line argument before your VPN connection will work- openvpn --config client2/client2_certs.ovpn . If you're using Ubuntu 14.04/16.04 or another distribution that doesn't have Debian packages for OpenVPN yet, then you'll need some minor changes such as

Credit

Card Encryption Key
A credit card encryption key is a 64-bit value used to encrypt credit card numbers. This key can be generated using bn_rand() and a secret seed value. Once generated, the key can be used to encrypt credit card numbers in an enciphered form that can only be decrypted by the same key.
The standard approach to using this function is to generate a new key for each transaction. This ensures that there is no way for any individual to decipher the encrypted number without knowing the secret seed. A weakness in this method, however, is that if an attacker captures a segment of the encrypted transactions data and stores it somewhere safe before sending it on, then they will also have access to (or can find) all future transactions that use that same key.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe