Padding oracle in AES-NI CBC MAC check (CVE-2016-2107):
A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI.
This issue was introduced as part of the fix for the Lucky 13 padding attack (CVE-2013-0169). The padding check was rewritten to run in constant time by making sure that the same bytes are always read and compared against either the MAC or the padding bytes. But it no longer checked that there was enough data in the record to hold both the MAC and the padding bytes.
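A simplified model of the check described above, added here as an example and not OpenSSL's own code: a constant-time padding scan together with the record-length check whose absence the advisory describes. The record layout, the 4-byte MAC in the sample and the helper names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constant-time helpers: each returns an all-ones or all-zeros mask without
 * branching on its inputs (the same bit trick OpenSSL's constant_time_lt uses). */
static uint32_t ct_lt(uint32_t a, uint32_t b)
{
    uint32_t v = a ^ ((a ^ b) | ((a - b) ^ b));   /* top bit set iff a < b */
    return 0u - (v >> 31);
}
static uint32_t ct_ge(uint32_t a, uint32_t b) { return ~ct_lt(a, b); }
static uint32_t ct_eq(uint32_t a, uint32_t b) { return ~(ct_lt(a, b) | ct_lt(b, a)); }

/* Validate the tail of a decrypted CBC record laid out (assumed) as
 *   plaintext || MAC (mac_len bytes) || padding || pad-length byte,
 * every padding byte equal to the pad-length byte. Returns 1 if MAC and padding
 * are valid, else 0. The scan reads the same bytes whatever the last byte claims. */
int check_mac_and_padding(const uint8_t *rec, size_t len,
                          const uint8_t *expected_mac, size_t mac_len)
{
    /* The length check the advisory says was missing: without it a record shorter
     * than MAC + 1 wraps the arithmetic below and the scan reads outside the
     * buffer. Such a record is invalid whatever it contains. */
    if (len < mac_len + 1)
        return 0;
    uint32_t pad = rec[len - 1];
    uint32_t maxpad = (len - mac_len - 1 > 255) ? 255 : (uint32_t)(len - mac_len - 1);
    uint32_t good = ct_ge(maxpad, pad);   /* does the claimed padding fit? */
    pad &= good;                          /* if not, scan as if pad were 0 */
    /* Always scan maxpad + 1 bytes; only those inside the claimed padding count. */
    for (uint32_t i = 0; i <= maxpad; i++) {
        uint32_t inside = ct_lt(i, pad + 1);                  /* i <= pad */
        good &= (inside & ct_eq(rec[len - 1 - i], pad)) | ~inside;
    }
    /* Constant-time MAC compare. The MAC's position still depends on pad; hiding
     * that is the rest of the Lucky 13 mitigation and is out of scope here. */
    const uint8_t *mac = rec + len - 1 - pad - mac_len;
    uint32_t diff = 0;
    for (size_t i = 0; i < mac_len; i++)
        diff |= (uint32_t)(mac[i] ^ expected_mac[i]);
    return (int)(good & ct_eq(diff, 0) & 1u);
}

int main(void)
{   /* Constructed record: "hi" || 4-byte MAC || three 0x03 pad bytes || 0x03 */
    const uint8_t rec[] = {'h','i',0xAA,0xBB,0xCC,0xDD,3,3,3,3}, mac[] = {0xAA,0xBB,0xCC,0xDD};
    printf("valid=%d truncated=%d\n", check_mac_and_padding(rec, sizeof rec, mac, 4),
           check_mac_and_padding(rec, 3, mac, 4));   /* prints valid=1 truncated=0 */
}
```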
Memory corruption in the ASN.1 encoder (CVE-2016-2108):
This issue affected versions of OpenSSL prior to April 2015. The bug causing the vulnerability was fixed on April 18th 2015, and released as part of the June 11th 2015 security releases. The security impact of the bug was not known at the time.
Other, less critical OpenSSL vulnerabilities have also been discovered and are explained here:
More information per operating system:
Please verify that a patched version of OpenSSL has been released for your operating system version before updating.
Red Hat and CentOS:
On CentOS and Red Hat Enterprise Linux:
yum clean all
yum update openssl
On Ubuntu and Debian:
sudo apt-get update
sudo apt-get install openssl
We suggest that you subscribe to your operating system's security announcement list at one of the following URLs:
Red Hat - RHSA-announce (http://www.redhat.com/mailman/listinfo/rhsa-announce)
CentOS - CentOS-announce (https://lists.centos.org/mailman/listinfo/centos-announce)
Ubuntu - ubuntu-security-announce (https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce)
Debian - debian-security-announce (https://lists.debian.org/debian-security-announce/)