Bug 1384743 (CVE-2016-8610)

Summary: CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
Product: [Other] Security Response
Reporter: Huzaifa S. Sidhpurwala <huzaifas>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
Keywords: Security
Hardware: All
OS: Linux
CC: bbaranow, bmaxwell, carnil, cdewolf, cperry, csutherl, dandread, darran.lofthouse, dosoudil, dueno, erik-fedora, gzaronik, hkario, jawilson, jclere, kdudka, ktietz, lgao, marcandre.lureau, mbabacek, msugaya, mturk, myarboro, nmavrogi, pgier, psakar, pslavice, redhat-bugzilla, rjones, rnetuka, rsvoboda, sardella, security-response-team, slawomir, tmraz, twalsh, vtunka, weli, yozone
Whiteboard: impact=moderate,public=20161024,reported=20161014,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/openssl=wontfix,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=defer,jbcs-1/openssl=affected,eap-6/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhel-5/nss=notaffected,rhel-6/nss=notaffected,rhel-7/nss=notaffected,fedora-all/nss=notaffected,rhel-5/gnutls=wontfix,rhel-6/gnutls=wontfix,rhel-7/gnutls=wontfix,fedora-all/gnutls=affected
Doc Type: If docs needed, set a value
Doc Text:
A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
Bug Depends On: 1392664, 1388725, 1388726, 1388727, 1388728, 1388729, 1388730, 1392663, 1392708, 1418964, 1418965, 1418966
Bug Blocks: 1384749, 1386080, 1446026, 1457678, 1461790, 1479475

Description Huzaifa S. Sidhpurwala 2016-10-14 03:49:42 UTC
A flaw was found in the way OpenSSL processed ALERT packets during an SSL handshake. An attacker basically sends a large number of plaintext WARNING packets after CLIENTHELLO, which causes OpenSSL to go into an endless loop (while the attacker keeps on sending more alert packets), consequently taking 100% CPU. This may cause certain applications compiled against OpenSSL to hang and be unable to serve content to clients. This is especially true for servers which do not fork or allocate an extra thread for the processing of ClientHello, like nginx.

This is fixed upstream in OpenSSL via commit:

https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=af58be768ebb690f78530f796e92b8ae5c9a4401

Comment 6 Huzaifa S. Sidhpurwala 2016-10-20 06:46:00 UTC
CVE-2016-8610 was assigned to this issue.

Comment 7 Nikos Mavrogiannopoulos 2016-10-20 06:49:38 UTC
The same issue may also affect gnutls servers. However, as gnutls delegates the burden of warning alerts to the application, there may be servers not vulnerable. I think the openssl fix of adding a maximum number of received handshakes is reasonable, and there is already a similar one in gnutls.

https://gitlab.com/gnutls/gnutls/commit/1ffb827e45721ef56982d0ffd5c5de52376c428e
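
The description above and Comment 7 both point to the same remedy: a cap on consecutive plaintext warning alerts during the handshake, instead of consuming them indefinitely. The following is an added illustration of that approach written for this page; it is not code from this bug report, OpenSSL or GnuTLS, the record parsing is simplified, and the cap value `MAX_WARN_ALERTS` and all function names are my own assumptions.

```python
# Model of the CVE-2016-8610 fix: cap consecutive plaintext warning alerts
# received before the handshake completes instead of looping on them forever.
# Added example, not OpenSSL/GnuTLS code; MAX_WARN_ALERTS and names are my own.
import struct

CONTENT_ALERT = 21          # TLS ContentType: alert
CONTENT_HANDSHAKE = 22      # TLS ContentType: handshake
ALERT_WARNING, ALERT_FATAL = 1, 2
ALERT_USER_CANCELED = 90    # a warning-level AlertDescription
MAX_WARN_ALERTS = 5         # assumed cap, not upstream's constant


def iter_records(data):
    """Yield (content_type, body) per TLS record: 5-byte header type|version|length."""
    off = 0
    while off + 5 <= len(data):
        ctype, _version, length = struct.unpack("!BHH", data[off:off + 5])
        body = data[off + 5:off + 5 + length]
        if len(body) < length:
            raise ValueError("truncated TLS record")
        yield ctype, body
        off += 5 + length


def process_handshake(data, cap=MAX_WARN_ALERTS):
    """Read records until handshake data arrives; return (result, warnings_seen).
    cap=None models the unfixed reader: it consumes every warning and keeps waiting."""
    warnings = 0
    for ctype, body in iter_records(data):
        if ctype == CONTENT_ALERT:
            if len(body) != 2:              # AlertLevel + AlertDescription
                return ("abort", warnings)  # malformed alert: drop connection
            level, _description = body
            if level == ALERT_FATAL:
                return ("fatal", warnings)
            warnings += 1
            if cap is not None and warnings > cap:
                return ("abort", warnings)  # the fix: too many warning alerts
        elif ctype == CONTENT_HANDSHAKE:
            return ("handshake", warnings)  # progress: handshake continues
        else:
            return ("abort", warnings)      # nothing else is valid here
    return ("incomplete", warnings)         # stream ended, reader still waiting


def alert_record(level, description):
    return struct.pack("!BHH", CONTENT_ALERT, 0x0303, 2) + bytes([level, description])


# Constructed sample streams, not captured traffic.
FLOOD = alert_record(ALERT_WARNING, ALERT_USER_CANCELED) * 50
BENIGN = (alert_record(ALERT_WARNING, ALERT_USER_CANCELED)
          + struct.pack("!BHH", CONTENT_HANDSHAKE, 0x0303, 4) + b"\x0b\x00\x00\x00")
```

With `cap=None` the reader walks through all fifty warnings and is still waiting for more; with the cap it gives up after the sixth, which is the behavioural difference the upstream fix introduces.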

Comment 8 Huzaifa S. Sidhpurwala 2016-10-24 14:02:47 UTC
Statement:

This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large number of SSL ALERT messages over the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or by using deep packet inspection to reject these types of alert packets. A future update may address this issue.

Comment 9 Huzaifa S. Sidhpurwala 2016-10-25 03:12:40 UTC
Public via:

http://seclists.org/oss-sec/2016/q4/224

Comment 10 Huzaifa S. Sidhpurwala 2016-10-25 05:18:47 UTC
Notes:

1. All nginx versions with SSL support compiled in and openssl 1.0.1*, <=1.0.2i, <=1.1.0a are affected.

2. To achieve a complete single nginx worker lockup, an attacker should be able to provide a rather large flow of SSL ALERT messages, comparable to the host network connection bandwidth, which is often difficult to achieve.

3. This type of attack can be controlled by various means at the network layer, for example by configuring firewalls to limit the number of connections per IP address, using deep packet inspection to reject these types of alert packets, etc.

Comment 14 Huzaifa S. Sidhpurwala 2016-10-26 03:24:32 UTC
External Reference:

http://security.360.cn/cve/CVE-2016-8610

Comment 15 Huzaifa S. Sidhpurwala 2016-10-26 03:35:10 UTC
Created gnutls tracking bugs for this issue:

Affects: fedora-all [bug 1388728]

Comment 16 Huzaifa S. Sidhpurwala 2016-10-26 03:35:20 UTC
Created openssl101e tracking bugs for this issue:

Affects: epel-5 [bug 1388727]

Comment 17 Huzaifa S. Sidhpurwala 2016-10-26 03:35:26 UTC
Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1388725]

Comment 18 Huzaifa S. Sidhpurwala 2016-10-26 03:35:32 UTC
Created mingw-openssl tracking bugs for this issue:

Affects: fedora-all [bug 1388726]

Comment 27 errata-xmlrpc 2017-02-20 10:56:34 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 7

Via RHSA-2017:0286 https://rhn.redhat.com/errata/RHSA-2017-0286.html

Comment 29 errata-xmlrpc 2017-03-21 09:04:20 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2017:0574 https://rhn.redhat.com/errata/RHSA-2017-0574.html

Comment 30 Martin Prpič 2017-06-06 14:59:41 UTC
Acknowledgments:

Name: Shi Lei (Gear Team of Qihoo 360 Inc.)

Comment 31 errata-xmlrpc 2017-06-07 17:44:27 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Core Services

Via RHSA-2017:1415 https://access.redhat.com/errata/RHSA-2017:1415

Comment 32 errata-xmlrpc 2017-06-07 17:56:04 UTC
This issue has been addressed in the following products:

  JBoss Core Services on RHEL 6

Via RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1414

Comment 33 errata-xmlrpc 2017-06-07 17:58:46 UTC
This issue has been addressed in the following products:

  JBoss Core Services on RHEL 7

Via RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1413

Comment 35 errata-xmlrpc 2017-06-28 20:02:20 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform

Via RHSA-2017:1659 https://access.redhat.com/errata/RHSA-2017:1659

Comment 36 errata-xmlrpc 2017-06-28 20:21:21 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7
  Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6

Via RHSA-2017:1658 https://access.redhat.com/errata/RHSA-2017:1658

Comment 37 errata-xmlrpc 2017-08-21 15:25:55 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Web Server 2

Via RHSA-2017:2494 https://access.redhat.com/errata/RHSA-2017:2494

Comment 38 errata-xmlrpc 2017-08-21 15:34:44 UTC
This issue has been addressed in the following products:

  Red Hat JBoss Enterprise Web Server 2 for RHEL 6
  Red Hat JBoss Enterprise Web Server 2 for RHEL 7

Via RHSA-2017:2493 https://access.redhat.com/errata/RHSA-2017:2493