Multiple Denial-of-Service Vulnerabilities in OpenSSL

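According to the OpenSSL project, OpenSSL contains multiple denial-of-service vulnerabilities (CNVD-2016-11090, CNVD-2016-11095 and CNVD-2016-11093, corresponding to CVE-2016-7054, CVE-2016-7053 and CVE-2016-7055). A remote attacker can exploit these vulnerabilities to launch denial-of-service attacks, exhausting memory or CPU resources.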

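OpenSSL is an open-source, general-purpose cryptographic library developed by the OpenSSL team that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hash algorithms and secure hash algorithms.
(1) OpenSSL denial-of-service vulnerability (CNVD-2016-11090)
TLS connections using *-CHACHA20-POLY1305 cipher suites are susceptible to a denial-of-service attack in which larger payloads are corrupted, which can crash OpenSSL. A remote attacker can exploit this vulnerability to cause an application denial of service, exhausting memory or CPU resources. CNVD rates the overall severity of this vulnerability as "High".
(2) OpenSSL NULL pointer dereference denial-of-service vulnerability (CNVD-2016-11095)
When attempting to free certain invalid encodings, OpenSSL 1.1.0 mishandles the ASN.1 CHOICE type, which can result in a NULL value being passed to the structure callback; an application parsing invalid CMS structures can then crash with a NULL pointer dereference. Only CHOICE structures using a callback that does not handle NULL values are affected. CNVD rates the overall severity of this vulnerability as "Medium".
(3) OpenSSL denial-of-service vulnerability (CNVD-2016-11093)
When the Broadwell-specific Montgomery multiplication procedure processes input longer than 256 bits, the application can crash. Analysis indicates that, because the subroutine in question is not used in operations with the private key itself and input chosen directly by the attacker, attackers cannot attack RSA, DSA and DH keys. Among EC algorithms only the Brainpool P-512 curves are affected, and a key-agreement attack against ECDH may be possible. CNVD rates the overall severity of this vulnerability as "Low".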

OpenSSL remediation: the vendor has released a fix for these vulnerabilities, and users can upgrade to version 1.1.0c.

OpenSSL Security Advisory [10 Nov 2016]
========================================

ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
======================================================

Severity: High

TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS
attack by corrupting larger payloads. This can result in an OpenSSL crash. This
issue is not considered to be exploitable beyond a DoS.

OpenSSL 1.1.0 users should upgrade to 1.1.0c

This issue does not affect OpenSSL versions prior to 1.1.0

This issue was reported to OpenSSL on 25th September 2016 by Robert
Święcki (Google Security Team), and was found using honggfuzz. The fix
was developed by Richard Levitte of the OpenSSL development team.

CMS Null dereference (CVE-2016-7053)
====================================

Severity: Moderate

Applications parsing invalid CMS structures can crash with a NULL pointer
dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type
in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure
callback if an attempt is made to free certain invalid encodings. Only CHOICE
structures using a callback which do not handle NULL value are affected.

OpenSSL 1.1.0 users should upgrade to 1.1.0c

This issue does not affect OpenSSL versions prior to 1.1.0

This issue was reported to OpenSSL on 12th October 2016 by Tyler Nighswander of
ForAllSecure. The fix was developed by Stephen Henson of the OpenSSL
development team.
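
The version statements in the two sections above (1.1.0 affected, fixed in 1.1.0c, earlier versions not affected) can be checked in code. The following is an added example, not code from the advisory or from OpenSSL: it decodes the numeric version (layout 0xMNNFFPPS, the value OpenSSL_version_num() returns in 1.1.0) and classifies it for CVE-2016-7054 and CVE-2016-7053 only. The helper names and sample values are constructed for illustration.

```c
#include <stdio.h>

/* Verdict for CVE-2016-7054 / CVE-2016-7053 only, per the advisory's version statements. */
enum verdict { NOT_AFFECTED = 0, AFFECTED = 1, NEEDS_REVIEW = 2 };

/* Fields of a pre-3.0 OpenSSL version number, layout 0xMNNFFPPS. */
struct ossl_ver { unsigned maj, min, fix, patch, status; };

/* Split the numeric version into its fields (hypothetical helper). */
static struct ossl_ver decode_version(unsigned long v)
{
    struct ossl_ver d;
    d.maj    = (unsigned)((v >> 28) & 0xf);
    d.min    = (unsigned)((v >> 20) & 0xff);
    d.fix    = (unsigned)((v >> 12) & 0xff);
    d.patch  = (unsigned)((v >> 4) & 0xff);  /* 0 = none, 1 = 'a', 2 = 'b', 3 = 'c' */
    d.status = (unsigned)(v & 0xf);          /* 0xf = release, 0 = dev, 1..0xe = beta */
    return d;
}

/* 1.1.0 releases before 1.1.0c are affected; versions prior to 1.1.0 are not,
 * and later branches already contain the fix. */
static enum verdict classify_version(unsigned long v)
{
    struct ossl_ver d = decode_version(v);

    if (d.maj != 1 || d.min != 1 || d.fix != 0)
        return NOT_AFFECTED;             /* not a 1.1.0 build */
    if (d.status != 0xf)
        return NEEDS_REVIEW;             /* dev/beta build: not covered by the advisory */
    return d.patch < 3 ? AFFECTED : NOT_AFFECTED;   /* 'c' is patch level 3 */
}

int main(void)
{
    /* Constructed sample values: 1.0.2j, 1.1.0, 1.1.0b, 1.1.0c. */
    static const unsigned long samples[] = {
        0x100020afUL, 0x1010000fUL, 0x1010002fUL, 0x1010003fUL
    };
    static const char *names[] = { "not affected", "affected", "needs review" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct ossl_ver d = decode_version(samples[i]);
        printf("0x%08lx -> %u.%u.%u patch %u: %s\n", samples[i],
               d.maj, d.min, d.fix, d.patch, names[classify_version(samples[i])]);
    }
    return 0;
}
```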

Montgomery multiplication may produce incorrect results (CVE-2016-7055)
=======================================================================

References:

http://www.cert.org.cn/publish/main/9/2016/20161117152156965905055/20161117152156965905055_.html
https://www.openssl.org/