CVE-2018-10903

A flaw was found in python-cryptography versions >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag, an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage.
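As an added illustration (not code from the CVE record or from python-cryptography itself), the following Python models the short-tag acceptance described above with a stand-in byte comparison and shows the length check a caller should apply before finalize_with_tag; SAMPLE_TAG and the function names are constructed for this example.

```python
import hmac

# Constructed sample: a 16-byte GCM authentication tag as the verifier would
# compute it over some ciphertext (value chosen for illustration only).
SAMPLE_TAG = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
GCM_TAG_LEN = 16          # full GCM tag length in bytes
DEFAULT_MIN_TAG_LEN = 16  # floor the fixed library enforces by default


def mac_check_vulnerable(expected_tag: bytes, received_tag: bytes) -> bool:
    """Models pre-2.3 finalize_with_tag: only as many bytes as the caller
    supplied are compared, so a 1-byte tag becomes a 1-byte check."""
    if not received_tag or len(received_tag) > GCM_TAG_LEN:
        return False
    return hmac.compare_digest(expected_tag[: len(received_tag)], received_tag)


def mac_check_hardened(expected_tag: bytes, received_tag: bytes,
                       min_tag_length: int = DEFAULT_MIN_TAG_LEN) -> bool:
    """Models the fix: same truncated comparison, but a policy floor on the
    tag length is enforced first (the real library exposes this floor as the
    min_tag_length argument of modes.GCM)."""
    if len(received_tag) < min_tag_length or len(received_tag) > GCM_TAG_LEN:
        raise ValueError(
            f"{len(received_tag)}-byte tag violates the "
            f"{min_tag_length}..{GCM_TAG_LEN}-byte length policy")
    return hmac.compare_digest(expected_tag[: len(received_tag)], received_tag)


def count_accepted_one_byte_tags(expected_tag: bytes, check) -> int:
    """How many of the 256 possible 1-byte tags does `check` accept?
    A rejection by policy (ValueError) counts as not accepted."""
    accepted = 0
    for b in range(256):
        try:
            if check(expected_tag, bytes([b])):
                accepted += 1
        except ValueError:
            pass
    return accepted


if __name__ == "__main__":
    for name, check in (("vulnerable", mac_check_vulnerable),
                        ("hardened", mac_check_hardened)):
        n = count_accepted_one_byte_tags(SAMPLE_TAG, check)
        print(f"{name} check accepts {n} of 256 one-byte tags")
```

The vulnerable model accepts exactly one of the 256 one-byte tags (the 1 in 256 chance the description cites), while the hardened model rejects all of them before comparing anything.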
CVSS 3.x Base Score (provider: NIST, type: Primary)
Base Score: 7.5 HIGH
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score Percentile: 47%
Affected Products (NVD)
Vendor        Product              Version
cryptography  python-cryptography  1.9.0 ≤ x < 2.3
canonical     ubuntu_linux         18.04
(x = vulnerable software versions)
Debian Releases (Debian product: python-cryptography)
Codename             Version           Status
bookworm             38.0.4-3          fixed
bookworm (security)  38.0.4-3~deb12u1  fixed
bullseye             3.3.2-1           fixed
bullseye (security)  3.3.2-1+deb11u1   fixed
jessie               -                 not-affected
sid                  43.0.0-1          fixed
stretch              -                 not-affected
trixie               43.0.0-1          fixed
Ubuntu Releases (Ubuntu product: python-cryptography)
Codename  Version                 Status
artful    -                       ignored
bionic    Fixed 2.1.4-1ubuntu1.2  released
trusty    -                       dne
xenial    -                       not-affected
openSUSE / SLES Releases
openSUSE Product          Release                        Version            Status
aws-cli-py36              suse enterprise server 12 SP3  1.19.9-6.3.15      fixed
libpython3_6m1_0          suse enterprise server 12 SP3  3.6.15-6.61.5      fixed
python-cffi               suse enterprise sap 12 SP2     1.11.2-5.11.1      fixed
python-cffi               suse enterprise sap 12 SP3     1.11.2-5.11.1      fixed
python-cffi               suse enterprise sap 12 SP4     1.11.2-5.11.1      fixed
python-cffi               suse enterprise sap 12 SP5     1.11.2-5.11.1      fixed
python-cffi               suse enterprise server 12 SP1  1.11.2-2.19.2      fixed
python-cffi               suse enterprise server 12 SP2  1.11.2-5.11.1      fixed
python-cffi               suse enterprise server 12 SP3  1.11.2-5.11.1      fixed
python-cffi               suse enterprise server 12 SP4  1.11.2-5.11.1      fixed
python-cffi               suse enterprise server 12 SP5  1.11.2-5.11.1      fixed
python-cryptography       suse enterprise sap 12 SP2     2.1.4-7.28.2       fixed
python-cryptography       suse enterprise sap 12 SP3     2.1.4-7.28.2       fixed
python-cryptography       suse enterprise sap 12 SP4     2.1.4-7.28.2       fixed
python-cryptography       suse enterprise sap 12 SP5     2.1.4-7.28.2       fixed
python-cryptography       suse enterprise server 12 SP1  2.1.4-3.15.5       fixed
python-cryptography       suse enterprise server 12 SP2  2.1.4-7.28.2       fixed
python-cryptography       suse enterprise server 12 SP3  2.1.4-7.28.2       fixed
python-cryptography       suse enterprise server 12 SP4  2.1.4-7.28.2       fixed
python-cryptography       suse enterprise server 12 SP5  2.1.4-7.28.2       fixed
python-xattr              suse enterprise sap 12 SP2     0.7.5-6.3.2        fixed
python-xattr              suse enterprise sap 12 SP3     0.7.5-6.3.2        fixed
python-xattr              suse enterprise sap 12 SP4     0.7.5-6.3.2        fixed
python-xattr              suse enterprise sap 12 SP5     0.7.5-6.3.2        fixed
python-xattr              suse enterprise server 12 SP1  0.7.5-3.2.1        fixed
python-xattr              suse enterprise server 12 SP2  0.7.5-6.3.2        fixed
python-xattr              suse enterprise server 12 SP3  0.7.5-6.3.2        fixed
python-xattr              suse enterprise server 12 SP4  0.7.5-6.3.2        fixed
python-xattr              suse enterprise server 12 SP5  0.7.5-6.3.2        fixed
python2-cryptography      suse enterprise desktop 15     2.1.4-4.3.1        fixed
python2-cryptography      suse enterprise sap 15         2.1.4-4.3.1        fixed
python2-cryptography      suse enterprise server 15      2.1.4-4.3.1        fixed
python2-cryptography      suse enterprise server 15 SP2  2.9.2-150200.13.1  fixed
python3-cffi              suse enterprise sap 12 SP2     1.11.2-5.11.1      fixed
python3-cffi              suse enterprise sap 12 SP3     1.11.2-5.11.1      fixed
python3-cffi              suse enterprise sap 12 SP4     1.11.2-5.11.1      fixed
python3-cffi              suse enterprise sap 12 SP5     1.11.2-5.11.1      fixed
python3-cffi              suse enterprise server 12 SP1  1.11.2-2.19.2      fixed
python3-cffi              suse enterprise server 12 SP2  1.11.2-5.11.1      fixed
python3-cffi              suse enterprise server 12 SP3  1.11.2-5.11.1      fixed
python3-cffi              suse enterprise server 12 SP4  1.11.2-5.11.1      fixed
python3-cffi              suse enterprise server 12 SP5  1.11.2-5.11.1      fixed
python3-cryptography      suse enterprise desktop 15     2.1.4-4.3.1        fixed
python3-cryptography      suse enterprise sap 12 SP2     2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise sap 12 SP3     2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise sap 12 SP4     2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise sap 12 SP5     2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise sap 15         2.1.4-4.3.1        fixed
python3-cryptography      suse enterprise server 12 SP1  2.1.4-3.15.5       fixed
python3-cryptography      suse enterprise server 12 SP2  2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise server 12 SP3  2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise server 12 SP4  2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise server 12 SP5  2.1.4-7.28.2       fixed
python3-cryptography      suse enterprise server 15      2.1.4-4.3.1        fixed
python3-cryptography      suse enterprise server 15 SP2  2.9.2-150200.13.1  fixed
python36                  suse enterprise server 12 SP3  3.6.15-6.61.6      fixed
python36-PyYAML           suse enterprise server 12 SP3  5.3.1-6.5.12       fixed
python36-appdirs          suse enterprise server 12 SP3  1.4.3-6.3.8        fixed
python36-asn1crypto       suse enterprise server 12 SP3  0.24.0-6.3.16      fixed
python36-base             suse enterprise server 12 SP3  3.6.15-6.61.5      fixed
python36-boto3            suse enterprise server 12 SP3  1.17.9-6.3.11      fixed
python36-botocore         suse enterprise server 12 SP3  1.20.9-6.3.11      fixed
python36-certifi          suse enterprise server 12 SP3  2018.1.18-6.3.15   fixed
python36-cffi             suse enterprise server 12 SP3  1.11.5-6.3.18      fixed
python36-chardet          suse enterprise server 12 SP3  3.0.4-6.3.15       fixed
python36-colorama         suse enterprise server 12 SP3  0.4.4-6.3.15       fixed
python36-cryptography     suse enterprise server 12 SP3  2.8-6.3.17         fixed
python36-curses           suse enterprise server 12 SP3  3.6.15-6.61.6      fixed
python36-dbm              suse enterprise server 12 SP3  3.6.15-6.61.6      fixed
python36-devel            suse enterprise server 12 SP3  3.6.15-6.61.5      fixed
python36-docutils         suse enterprise server 12 SP3  0.14-6.3.8         fixed
python36-idle             suse enterprise server 12 SP3  3.6.15-6.61.6      fixed
python36-idna             suse enterprise server 12 SP3  2.6-6.5.15         fixed
python36-jmespath         suse enterprise server 12 SP3  0.9.3-6.3.14       fixed
python36-packaging        suse enterprise server 12 SP3  17.1-6.6.8         fixed
python36-ply              suse enterprise server 12 SP3  3.10-6.3.8         fixed
python36-ply-doc          suse enterprise server 12 SP3  3.10-6.3.8         fixed
python36-py               suse enterprise server 12 SP3  1.8.1-6.3.15       fixed
python36-pyOpenSSL        suse enterprise server 12 SP3  17.1.0-6.3.16      fixed
python36-pyasn1           suse enterprise server 12 SP3  0.1.9-6.3.18       fixed
python36-pycparser        suse enterprise server 12 SP3  2.10-6.3.9         fixed
python36-pyparsing        suse enterprise server 12 SP3  2.4.7-6.3.9        fixed
python36-pyparsing-doc    suse enterprise server 12 SP3  2.4.7-6.3.9        fixed
python36-python-dateutil  suse enterprise server 12 SP3  2.7.3-6.3.13       fixed
python36-requests         suse enterprise server 12 SP3  2.24.0-6.3.15      fixed
python36-rsa              suse enterprise server 12 SP3  3.4.2-6.3.15       fixed
python36-s3transfer       suse enterprise server 12 SP3  0.3.3-6.3.11       fixed
python36-setuptools       suse enterprise server 12 SP3  44.1.1-9.11.1      fixed
python36-setuptools-test  suse enterprise server 12 SP3  44.1.1-6.7.4       fixed
python36-setuptools-wheel suse enterprise server 12 SP3  44.1.1-6.7.3       fixed
python36-simplejson       suse enterprise server 12 SP3  3.8.2-6.3.16       fixed
python36-six              suse enterprise server 12 SP3  1.14.0-6.7.3       fixed
python36-six-doc          suse enterprise server 12 SP3  1.14.0-6.7.6       fixed
python36-testsuite        suse enterprise server 12 SP3  3.6.15-6.61.5      fixed
python36-tk               suse enterprise server 12 SP3  3.6.15-6.61.6      fixed
python36-tools            suse enterprise server 12 SP3  3.6.15-6.61.5      fixed
python36-urllib3          suse enterprise server 12 SP3  1.25.10-6.3.13     fixed