An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. An off-by-one error when processing malformed TLS-CBC ciphertext could cause the receiving side to include in the HMAC computation exactly 64K bytes of data following the record buffer, aka an over-read. The MAC comparison will subsequently fail and the connection will be closed. This could be used for denial of service. No information leak occurs.
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Botan | Botan_project | 1.11.32 (including) | 2.6.0 (excluding) |
Botan | Ubuntu | bionic | * |
Botan | Ubuntu | cosmic | * |
Botan | Ubuntu | esm-apps/bionic | * |
Botan | Ubuntu | upstream | * |
Botan1.10 | Ubuntu | artful | * |
Botan1.10 | Ubuntu | cosmic | * |
Botan1.10 | Ubuntu | trusty | * |
Botan1.10 | Ubuntu | trusty/esm | * |