PatchSiren

MatrixSSL CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM MatrixSSL CVE published 2017-03-03

CVE-2016-6884

CVE-2016-6884 is a denial-of-service vulnerability in MatrixSSL affecting CBC-mode cipher suites used in TLS 1.1 and TLS 1.2. According to NVD, a crafted message can trigger an out-of-bounds read, which may crash the affected service. The vulnerable range is MatrixSSL versions through 3.8.2; the vendor changelog reference and NVD description indicate the issue is addressed in 3.8.3 and later.

MEDIUM MatrixSSL CVE published 2017-03-03

CVE-2016-6883

CVE-2016-6883 affects MatrixSSL versions before 3.8.3 when RSA cipher suites are configured. According to NVD, the issue can let a remote attacker obtain sensitive information through a Bleichenbacher-variant attack. The published CVSS score is 5.9 (Medium), with the main impact on confidentiality.

MEDIUM MatrixSSL CVE published 2017-03-03

CVE-2016-6882

CVE-2016-6882 affects MatrixSSL versions before 3.8.7. According to NVD, when the DHE_RSA-based cipher suite is supported, a remote attacker may be able to obtain RSA private key information through a Lenstra side-channel attack. The NVD record maps the issue to MatrixSSL versions up to 3.8.6 and rates it 5.9 (MEDIUM) under CVSS 3.0.

MEDIUM MatrixSSL CVE published 2017-01-13

CVE-2016-8671

CVE-2016-8671 is a MatrixSSL vulnerability in the pstm_exptmod modular exponentiation function affecting MatrixSSL 3.8.6 and earlier. According to the CVE record, the bug could let remote attackers predict secret key material through unspecified vectors. The issue was described as the result of an incomplete fix for CVE-2016-6887, so organizations that patched only the earlier problem should verify they a [truncated]

MEDIUM MatrixSSL CVE published 2017-01-13

CVE-2016-6887

CVE-2016-6887 is a MatrixSSL cryptographic weakness published on 2017-01-13. According to the NVD record, MatrixSSL 3.8.6 and earlier are affected by an incorrect modular exponentiation implementation in pstm_exptmod, which could allow a remote attacker to predict a secret key via a CRT attack. The issue is network-reachable, confidentiality-impacting, and has no integrity or availability impact listed in [truncated]

HIGH MatrixSSL CVE published 2017-01-13

CVE-2016-6886

CVE-2016-6886 affects MatrixSSL before 3.8.4 and can let a remote attacker trigger a crash during RSA key exchange. The issue is an invalid memory read in pstm_reverse, reached with a zero value or the key's modulus for the secret key. NVD rates the impact as high availability loss, and the vendor reference points to MatrixSSL 3.8.4 as the fix.

HIGH MatrixSSL CVE published 2017-01-13

CVE-2016-6885

CVE-2016-6885 is a denial-of-service flaw in MatrixSSL before 3.8.4. According to the NVD record, the pstm_exptmod function can hit an invalid free and crash when modular exponentiation is given a zero value as the base. The result is an availability impact only, but it is remotely reachable and rated HIGH in the NVD entry.