CVE-2016-2427

18.04.2016, 00:59

The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic protection mechanism and discover an authentication key via a crafted application, aka internal bug 26234568.  NOTE: The vendor disputes the existence of this potential issue in Android, stating "This CVE was raised in error: it referred to the authentication tag size in GCM, whose default according to ASN.1 encoding (12 bytes) can lead to vulnerabilities. After careful consideration, it was decided that the insecure default value of 12 bytes was a default only for the encoding and not default anywhere else in Android, and hence no vulnerability existed.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	NONE	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
google_android	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 30%

Vendor	Product	Version
bouncycastle	bc-java	1.54
google	android	5.0
google	android	5.0.1
google	android	5.1
google	android	5.1.0
google	android	6.0
google	android	6.0.1

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

android

artful	dne
zesty	not-affected
yakkety	ignored
xenial	not-affected
wily	ignored
trusty	dne
precise	dne

bouncycastle

artful	not-affected
zesty	not-affected
yakkety	ignored
xenial	not-affected
wily	not-affected
trusty	dne
precise	not-affected

Common Weakness Enumeration

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References

http://source.android.com/security/bulletin/2016-04-02.html