Bug 1055014 (CVE-2013-7295)

Summary: CVE-2013-7295 tor: improper random number generation on certain Intel platforms with OpenSSL 1.x
Product: [Other] Security Response Reporter: Vincent Danen <vdanen>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: jrusnack, lmacken, ohadlevy, pwouters
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-11-11 16:04:02 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Vincent Danen 2014-01-18 00:28:13 UTC 
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-7295 to
the following vulnerability:

Name: CVE-2013-7295
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7295
Assigned: 20140117
Reference: https://lists.torproject.org/pipermail/tor-talk/2013-December/031483.html

Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a
certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge
platforms, does not properly generate random numbers for (1) relay
identity keys and (2) hidden-service identity keys, which might make
it easier for remote attackers to bypass cryptographic protection
mechanisms via unspecified vectors.


NOTE: while EPEL5 ships a vulnerable version of tor, Red Hat Enterprise Linux 5 ships with 0.9.8e and is thus unaffected.
Comment 1 Fedora Update System 2014-11-09 15:42:27 UTC 
tor-0.2.4.25-1.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 2 Jamie Nguyen 2014-11-11 16:04:02 UTC 
All active branches of Fedora and EPEL now have tor 0.2.4.25 and are thus no longer affected by this bug.