Bug 1152953 (CVE-2014-3513)

Summary: CVE-2014-3513 openssl: SRTP memory leak causes crash when using specially-crafted handshake message
Product: [Other] Security Response
Reporter: Huzaifa S. Sidhpurwala <huzaifas>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: unspecified
CC: acathrow, bmcclain, cdewolf, cfergeau, cmmiller, dahjelle.redhat.com, dandread, darran.lofthouse, fnasser, grocha, huwang, idith, jason.greene, jawilson, jclere, jdoyle, just4nick, lgao, lsurette, michal.skrivanek, mjc, myarboro, pslavice, rh-spice-bugs, rsvoboda, sardella, security-response-team, srevivo, vtunka, weli, ykaul
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: openssl 1.0.1j
Doc Type: Bug Fix
Doc Text:
A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server.
Last Closed: 2021-10-20 10:46:24 UTC
Bug Depends On: 1152854, 1152855, 1152856, 1152857, 1154551    
Bug Blocks: 1152790, 1155552    

Description Huzaifa S. Sidhpurwala 2014-10-15 09:27:43 UTC
OpenSSL upstream reported the following security flaw:

A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected.

OpenSSL 1.0.1 users should upgrade to 1.0.1j.

This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team.

The fix was developed by the OpenSSL team.

External Reference:

https://www.openssl.org/news/secadv_20141015.txt

Comment 2 Huzaifa S. Sidhpurwala 2014-10-15 14:04:59 UTC
Upstream patch:

OpenSSL-1.0.1:
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2b0532f3984324ebe1236a63d15893792384328d

Comment 3 Martin Prpič 2014-10-15 16:29:05 UTC
IssueDescription:

A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server.

Comment 4 Tomas Hoger 2014-10-15 19:44:09 UTC
Fixed upstream in OpenSSL version 1.0.1j:

https://www.openssl.org/news/secadv_20141015.txt

Comment 7 Arun Babu Neelicattu 2014-10-16 04:46:16 UTC
Statement:

This issue did not affect the versions of OpenSSL as shipped with Red Hat Enterprise Linux 5, Red Hat JBoss Enterprise Application Platform 5 and 6, and Red Hat Enterprise JBoss Enterprise Web Server 1 and 2.

Comment 8 errata-xmlrpc 2014-10-16 15:00:06 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 7

Via RHSA-2014:1652 https://rhn.redhat.com/errata/RHSA-2014-1652.html

Comment 11 errata-xmlrpc 2014-10-22 17:16:50 UTC
This issue has been addressed in the following products:

  Red Hat Storage 2.1

Via RHSA-2014:1692 https://rhn.redhat.com/errata/RHSA-2014-1692.html