CVE-2016-1000346
Information Disclosure vulnerability in bcprov-jdk14 (Maven)

Information Disclosure | No known exploit

What is CVE-2016-1000346 About?

This is an Information Disclosure vulnerability in the Bouncy Castle JCE Provider, affecting versions 1.55 and earlier, in which the other party's DH public key is not fully validated. Where static Diffie-Hellman is in use, successful exploitation can reveal details about the other party's private key.

Affected Software

  • org.bouncycastle:bcprov-jdk14
    • <1.56
  • org.bouncycastle:bcprov-jdk15
    • <1.56
  • org.bouncycastle:bcprov-jdk15on
    • <1.56

Technical Details

The vulnerability in Bouncy Castle JCE Provider (version 1.55 and earlier) stems from insufficient validation of the other party's Diffie-Hellman (DH) public key. In the context of static Diffie-Hellman key exchange, if an invalid public key from the other party is accepted during the agreement calculation, it can lead to a side-channel attack. An attacker can craft a malformed public key or exploit weak validation to probe the system. This allows the attacker to gain information about the other party's private DH key by observing responses or triggering specific error conditions during the key exchange, ultimately leading to the disclosure of sensitive cryptographic material.
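
One way an application can fully validate a peer's DH public value itself before running key agreement, shown as an added example (it is not Bouncy Castle's code and not the fix shipped in 1.56). The class and method names and the toy group p = 23, q = 11, g = 4 are constructed for illustration, and the check assumes the subgroup order q is known to the application.

```java
import java.math.BigInteger;

// Added example: range and subgroup-membership check on a peer's DH public value.
// Names and the toy group below are constructed for illustration.
public final class DhPublicKeyCheck {
    private static final BigInteger ONE = BigInteger.ONE;
    private static final BigInteger TWO = BigInteger.valueOf(2);

    /**
     * Returns true only if y is acceptable for the group (p, q):
     * 2 <= y <= p-2, and y^q mod p == 1 (y lies in the order-q subgroup).
     * Assumes p is prime and q is the prime order of the generator's subgroup.
     */
    public static boolean isValid(BigInteger y, BigInteger p, BigInteger q) {
        if (y == null || p == null || q == null) {
            return false;
        }
        // Range check: rejects 0, 1, p-1, negatives and unreduced values >= p.
        if (y.compareTo(TWO) < 0 || y.compareTo(p.subtract(TWO)) > 0) {
            return false;
        }
        // Subgroup check: rejects in-range values that are not in the order-q subgroup.
        return y.modPow(q, p).equals(ONE);
    }

    public static void main(String[] args) {
        // Constructed toy parameters: p = 2q + 1, g = 4 generates the order-11 subgroup.
        BigInteger p = BigInteger.valueOf(23);
        BigInteger q = BigInteger.valueOf(11);
        BigInteger g = BigInteger.valueOf(4);

        // A well-formed public value g^x mod p, followed by values that must be refused.
        BigInteger wellFormed = g.modPow(BigInteger.valueOf(7), p);
        BigInteger[] candidates = {
            wellFormed,
            BigInteger.ZERO,            // outside the range
            ONE,                        // identity element
            p.subtract(ONE),            // order-2 element
            BigInteger.valueOf(5),      // in range but not in the order-q subgroup
            p.add(wellFormed)           // unreduced encoding of a valid value
        };
        for (BigInteger y : candidates) {
            System.out.println("y=" + y + " accepted=" + isValid(y, p, q));
        }
    }
}
```

An application on an affected version would run a check of this kind on the received value and abort the exchange on failure, before the value reaches the agreement calculation.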

What is the Impact of CVE-2016-1000346?

Successful exploitation may allow attackers to disclose sensitive information, specifically details about private cryptographic keys, potentially compromising the confidentiality of communications or data.

What is the Exploitability of CVE-2016-1000346?

Exploitation likely requires an attacker to participate in a static Diffie-Hellman key exchange with the vulnerable system. The attacker would need to send a specially crafted, invalid DH public key. This is a remote vulnerability, but the attack vectors and complexity would depend on the specific application using Bouncy Castle for DH key exchange. There are no explicit authentication or privilege requirements to initiate the key exchange if the application supports unauthenticated DH. The attacker needs to understand the intricacies of Diffie-Hellman cryptography and how Bouncy Castle processes public keys. Risk factors include applications implementing static Diffie-Hellman using vulnerable Bouncy Castle versions and exposing this functionality to untrusted parties.

What are the Known Public Exploits?

PoC | Author | Link | Commentary
No known exploits

What are the Available Fixes for CVE-2016-1000346?

Available Upgrade Options

  • org.bouncycastle:bcprov-jdk15on
    • <1.56 → Upgrade to 1.56
  • org.bouncycastle:bcprov-jdk14
    • <1.56 → Upgrade to 1.56
  • org.bouncycastle:bcprov-jdk15
    • <1.56 → Upgrade to 1.56


What are Similar Vulnerabilities to CVE-2016-1000346?

Similar Vulnerabilities: CVE-2016-1000341, CVE-2017-6167, CVE-2017-6168, CVE-2015-7940, CVE-2018-5383