CVE-2016-7798: OpenSSL gem for Ruby using inadequate encryption strength

CVSS Score: 7.5 (CVSS 3.1)

Basic Information

EPSS Score: 0.41878%
Published: 10/24/2017
Updated: 7/3/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| openssl | rubygems | < 2.0.0 | 2.0.0 |

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stemmed from the OpenSSL gem's cipher initialization logic. The function `ossl_cipher_initialize` in `ext/openssl/ossl_cipher.c` explicitly set a dummy key (all zeros) via `EVP_CipherInit_ex(ctx, cipher, NULL, dummy_key, NULL, -1)`. This dummy key initialization was a workaround for a segfault issue in older OpenSSL versions. In AES-GCM mode, however, it had a side effect: if the caller set the IV before the real key, the IV was reset to zero when the real key was later applied (due to OpenSSL's internal reinitialization behavior). Commit 8108e0a removed the dummy key initialization, fixing the IV retention issue. The dummy key setup was what directly enabled the IV reuse vulnerability.
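A self-check for the ordering behaviour described above, as an added example (not code from the advisory or from the openssl gem): it encrypts the same constructed plaintext with the IV assigned before and after the key and compares the results. The helper names and the sample key, IV and plaintext are assumptions made for illustration.

```ruby
require "openssl"

# Constructed sample values (not real secrets). AES-128-GCM takes a 16-byte key
# and, by default, a 12-byte IV.
KEY = "k" * 16
IV  = "n" * 12
PT  = "constructed sample plaintext"

# Encrypt PT with AES-128-GCM, assigning key and IV in the requested order.
# Returns [ciphertext, auth_tag].
def gcm_encrypt(key, iv, iv_first:)
  cipher = OpenSSL::Cipher.new("aes-128-gcm").encrypt
  if iv_first
    cipher.iv  = iv   # the order affected by CVE-2016-7798
    cipher.key = key
  else
    cipher.key = key  # key first, then IV: the unaffected order
    cipher.iv  = iv
  end
  ciphertext = cipher.update(PT) + cipher.final
  [ciphertext, cipher.auth_tag]
end

# True when an IV assigned before the key is still in effect afterwards,
# i.e. both orders give the same ciphertext and tag.
def iv_survives_key_set?
  gcm_encrypt(KEY, IV, iv_first: true) == gcm_encrypt(KEY, IV, iv_first: false)
end

# True when the IV-first order gives the same output as an explicit all-zero
# IV, which is the reset the root cause analysis describes.
def iv_reset_to_zero?
  gcm_encrypt(KEY, IV, iv_first: true) == gcm_encrypt(KEY, "\0" * 12, iv_first: false)
end

# Compares the loaded gem's version with the first patched version (2.0.0).
def gem_version_patched?
  Gem::Version.new(OpenSSL::VERSION) >= Gem::Version.new("2.0.0")
end

if $PROGRAM_NAME == __FILE__
  puts "openssl gem #{OpenSSL::VERSION}, patched by version: #{gem_version_patched?}"
  puts "IV kept when set before key: #{iv_survives_key_set?}"
  puts "IV reset to zero: #{iv_reset_to_zero?}"
end
```

Code that must also run on unpatched installs can assign `cipher.key` before `cipher.iv`, which is the order the bug does not affect.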

WAF Protection Rules

WAF Rule

The OpenSSL gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism.

Reasoning

The vulnerability stemmed from the OpenSSL gem's cipher initialization logic. The function `ossl_cipher_initialize` in `ext/openssl/ossl_cipher.c` explicitly set a dummy key (all zeros) via `EVP_CipherInit_ex(ctx, cipher, NULL, dummy_key, NULL, -1)`.