CVE-2019-1559

Source
https://cve.org/CVERecord?id=CVE-2019-1559
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1559.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-1559
Published
2019-02-27T23:29:00.277Z
Modified
2026-02-03T21:04:05.411118Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
[none]
Details

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).

Affected packages

Git
github.com/mysql/mysql-server

Affected ranges

Type
GIT
Repo
https://github.com/mysql/mysql-server
Events

Affected versions

mysql-5.*
mysql-5.5.52
mysql-5.5.53
mysql-5.5.54
mysql-5.5.55
mysql-5.5.56
mysql-5.5.57
mysql-5.5.58
mysql-5.5.59
mysql-5.5.60
mysql-5.5.61
mysql-5.5.62
mysql-5.5.63
mysql-5.6.33
mysql-5.6.34
mysql-5.6.35
mysql-5.6.36
mysql-5.6.37
mysql-5.6.38
mysql-5.6.39
mysql-5.6.40
mysql-5.6.41
mysql-5.6.42
mysql-5.6.43
mysql-5.6.45
mysql-5.6.46
mysql-5.6.47
mysql-5.6.48
mysql-5.6.49
mysql-5.6.50
mysql-5.6.51
mysql-5.7-22-ndb-7.6.6
mysql-5.7.15
mysql-5.7.16
mysql-5.7.17
mysql-5.7.18
mysql-5.7.19
mysql-5.7.20
mysql-5.7.21
mysql-5.7.22
mysql-5.7.24
mysql-5.7.25
mysql-5.7.26
mysql-5.7.27
mysql-5.7.28
mysql-5.7.29
mysql-5.7.30
mysql-5.7.31
mysql-5.7.32
mysql-5.7.33
mysql-5.7.34
mysql-5.7.35
mysql-5.7.36
mysql-5.7.37
mysql-5.7.38
mysql-5.7.39
mysql-5.7.40
mysql-5.7.40-testing
mysql-5.7.41
mysql-5.7.42
mysql-5.7.43
mysql-5.7.44
mysql-8.*
mysql-8.0.0
mysql-8.0.1
mysql-8.0.11
mysql-8.0.12
mysql-8.0.13
mysql-8.0.14
mysql-8.0.15
mysql-8.0.16
mysql-8.0.17
mysql-8.0.18
mysql-8.0.19
mysql-8.0.2
mysql-8.0.20
mysql-8.0.21
mysql-8.0.22
mysql-8.0.23
mysql-8.0.24
mysql-8.0.25
mysql-8.0.26
mysql-8.0.27
mysql-8.0.28
mysql-8.0.29
mysql-8.0.3
mysql-8.0.30
mysql-8.0.31
mysql-8.0.32
mysql-8.0.33
mysql-8.0.34
mysql-8.0.35
mysql-8.0.36
mysql-8.0.37
mysql-8.0.4
mysql-8.1.0
mysql-8.2.0
mysql-8.3.0
mysql-8.4.0
mysql-9.*
mysql-9.0.0-release
mysql-cluster-7.*
mysql-cluster-7.2.24
mysql-cluster-7.2.25
mysql-cluster-7.2.26
mysql-cluster-7.2.27
mysql-cluster-7.2.28
mysql-cluster-7.2.29
mysql-cluster-7.2.30
mysql-cluster-7.2.31
mysql-cluster-7.2.32
mysql-cluster-7.2.33
mysql-cluster-7.2.34
mysql-cluster-7.2.35
mysql-cluster-7.2.37
mysql-cluster-7.2.38
mysql-cluster-7.2.39
mysql-cluster-7.2.40
mysql-cluster-7.3.13
mysql-cluster-7.3.14
mysql-cluster-7.3.15
mysql-cluster-7.3.16
mysql-cluster-7.3.17
mysql-cluster-7.3.18
mysql-cluster-7.3.19
mysql-cluster-7.3.20
mysql-cluster-7.3.21
mysql-cluster-7.3.22
mysql-cluster-7.3.23
mysql-cluster-7.3.24
mysql-cluster-7.3.25
mysql-cluster-7.3.26
mysql-cluster-7.3.27
mysql-cluster-7.3.28
mysql-cluster-7.3.29
mysql-cluster-7.3.30
mysql-cluster-7.3.31
mysql-cluster-7.3.33
mysql-cluster-7.4.11
mysql-cluster-7.4.12
mysql-cluster-7.4.13
mysql-cluster-7.4.14
mysql-cluster-7.4.15
mysql-cluster-7.4.16
mysql-cluster-7.4.17
mysql-cluster-7.4.18
mysql-cluster-7.4.19
mysql-cluster-7.4.20
mysql-cluster-7.4.21
mysql-cluster-7.4.23
mysql-cluster-7.4.24
mysql-cluster-7.4.25
mysql-cluster-7.4.26
mysql-cluster-7.4.27
mysql-cluster-7.4.28
mysql-cluster-7.4.29
mysql-cluster-7.4.30
mysql-cluster-7.4.32
mysql-cluster-7.4.33
mysql-cluster-7.4.34
mysql-cluster-7.4.35
mysql-cluster-7.4.36
mysql-cluster-7.4.37
mysql-cluster-7.4.38
mysql-cluster-7.4.39
mysql-cluster-7.5.1
mysql-cluster-7.5.10
mysql-cluster-7.5.11
mysql-cluster-7.5.12
mysql-cluster-7.5.13
mysql-cluster-7.5.14
mysql-cluster-7.5.15
mysql-cluster-7.5.16
mysql-cluster-7.5.17
mysql-cluster-7.5.18
mysql-cluster-7.5.19
mysql-cluster-7.5.2
mysql-cluster-7.5.20
mysql-cluster-7.5.21
mysql-cluster-7.5.23
mysql-cluster-7.5.24
mysql-cluster-7.5.25
mysql-cluster-7.5.26
mysql-cluster-7.5.27
mysql-cluster-7.5.28
mysql-cluster-7.5.29
mysql-cluster-7.5.3
mysql-cluster-7.5.30
mysql-cluster-7.5.31
mysql-cluster-7.5.32
mysql-cluster-7.5.33
mysql-cluster-7.5.34
mysql-cluster-7.5.4
mysql-cluster-7.5.5
mysql-cluster-7.5.6
mysql-cluster-7.5.7
mysql-cluster-7.5.8
mysql-cluster-7.5.9
mysql-cluster-7.6.10
mysql-cluster-7.6.11
mysql-cluster-7.6.12
mysql-cluster-7.6.13
mysql-cluster-7.6.14
mysql-cluster-7.6.15
mysql-cluster-7.6.16
mysql-cluster-7.6.17
mysql-cluster-7.6.19
mysql-cluster-7.6.2
mysql-cluster-7.6.20
mysql-cluster-7.6.22
mysql-cluster-7.6.23
mysql-cluster-7.6.24
mysql-cluster-7.6.25
mysql-cluster-7.6.26
mysql-cluster-7.6.27
mysql-cluster-7.6.28
mysql-cluster-7.6.29
mysql-cluster-7.6.3
mysql-cluster-7.6.30
mysql-cluster-7.6.4
mysql-cluster-7.6.5
mysql-cluster-7.6.6
mysql-cluster-7.6.7
mysql-cluster-7.6.8
mysql-cluster-7.6.9
mysql-cluster-8.*
mysql-cluster-8.0.16
mysql-cluster-8.0.18
mysql-cluster-8.0.19
mysql-cluster-8.0.20
mysql-cluster-8.0.21
mysql-cluster-8.0.22
mysql-cluster-8.0.23
mysql-cluster-8.0.24
mysql-cluster-8.0.25
mysql-cluster-8.0.26
mysql-cluster-8.0.27
mysql-cluster-8.0.28
mysql-cluster-8.0.29
mysql-cluster-8.0.30
mysql-cluster-8.0.31
mysql-cluster-8.0.32
mysql-cluster-8.0.33
mysql-cluster-8.0.34
mysql-cluster-8.0.35
mysql-cluster-8.0.36
mysql-cluster-8.0.37
mysql-cluster-8.1.0
mysql-cluster-8.2.0
mysql-cluster-8.3.0
mysql-cluster-8.4.0

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1559.json"
vanir_signatures
[
    {
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/mysql/mysql-server/commit/7d10c82196c8e45554f27c00681474a9fb86d137",
        "target": {
            "file": "sql/auth/sql_security_ctx.cc"
        },
        "deprecated": false,
        "id": "CVE-2019-1559-627d45fc",
        "digest": {
            "line_hashes": [
            ],
            "threshold": 0.9
        }
    },
    {
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/mysql/mysql-server/commit/7d10c82196c8e45554f27c00681474a9fb86d137",
        "target": {
            "function": "Security_context::checkout_access_maps",
            "file": "sql/auth/sql_security_ctx.cc"
        },
        "deprecated": false,
        "id": "CVE-2019-1559-e648c373",
        "digest": {
            "length": 1080.0,
            "function_hash": "66171467169832509301814870837451245409"
        }
    }
]
github.com/nodejs/node

Affected versions

v2.*
v2.0.0
v2.0.1
v2.0.2
v2.1.0
v2.2.0
v2.2.1
v2.3.0
v2.3.1
v2.3.2
v2.3.3
v2.3.4
v2.4.0
v2.5.0

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1559.json"
github.com/openssl/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other
BEFORE_engine
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6-beta3
OpenSSL_1_1_0-pre1
OpenSSL_1_1_0-pre2
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
master-post-auto-reformat
master-post-reformat
master-pre-auto-reformat
master-pre-reformat
openssl-3.*
openssl-3.0.0-alpha1
openssl-3.0.0-alpha10
openssl-3.0.0-alpha11
openssl-3.0.0-alpha12
openssl-3.0.0-alpha13
openssl-3.0.0-alpha14
openssl-3.0.0-alpha15
openssl-3.0.0-alpha16
openssl-3.0.0-alpha17
openssl-3.0.0-alpha2
openssl-3.0.0-alpha3
openssl-3.0.0-alpha4
openssl-3.0.0-alpha5
openssl-3.0.0-alpha6
openssl-3.0.0-alpha7
openssl-3.0.0-alpha8
openssl-3.0.0-alpha9
openssl-3.0.0-beta1
openssl-3.0.0-beta2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1559.json"
github.com/twbs/bootstrap

Affected ranges

Type
GIT
Repo
https://github.com/twbs/bootstrap
Events

Affected versions

v2.*
v2.0.0
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.1.0
v2.1.1
v2.2.0
v2.2.2
v2.3.0
v2.3.1
v3.*
v3.0.0-rc.2
v3.0.0-rc1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-1559.json"