CVE-2016-6129

Published: Feb 13, 2017Modified: May 13, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a Bleichenbacher signature forgery attack.

Affected (2)

Products: Op Tee: Op Tee Os · Libtom: Libtomcrypt

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Op Tee Op Tee Os	Up to 2.1.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Libtom Libtomcrypt	Up to 1.17

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

https://bugzilla.redhat.com/show_bug.cgi?id=1370955

Source: cve@mitre.org

Issue TrackingPatch

https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd0

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://www.op-tee.org/advisories/

Source: cve@mitre.org

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=1370955

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatch

https://github.com/libtom/libtomcrypt/commit/5eb9743410ce4657e9d54fef26a2ee31a1b5dd0

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://www.op-tee.org/advisories/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.