CVE-2016-1000338

In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure.

Published: Jun 1, 2018
Updated: Oct 7, 2023
CVE: CVE-2016-1000338
GHSA: GHSA-4vhj-98r6-424h
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-347

Affected Software
References

Software	From	Fixed in
org.bouncycastle / bcprov-jdk14	-	1.56
org.bouncycastle / bcprov-jdk15	-	1.5.6
bouncycastle / legion-of-the-bouncy-castle-java-crytography-api	1.38	1.56
redhat / satellite_capsule	6.4	6.4.x
canonical / ubuntu_linux	14.04	14.04.x
redhat / satellite	6.4	6.4.x

https://access.redhat.com/errata/RHSA-2018:2669
https://access.redhat.com/errata/RHSA-2018:2927
https://github.com/bcgit/bc-java/commit/b0c3ce99d43d73a096268831d0d120ffc89eac7f#diff-3679f5a9d2b939d0d3ee1601a7774fb0
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
https://lists.debian.org/debian-lts-announce/2018/07/msg00009.html
https://security.netapp.com/advisory/ntap-20231006-0011/
https://usn.ubuntu.com/3727-1/
https://www.oracle.com/security-alerts/cpuoct2020.html

Vulnerability Database

289,599

CVE-2016-1000338