Bug 1179863 (CVE-2014-9423)

Summary: CVE-2014-9423 krb5: libgssrpc server applications leak uninitialized bytes (MITKRB5-SA-2015-001)
Product: [Other] Security Response Reporter: Vasyl Kaigorodov <vkaigoro>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: bbaranow, bmaxwell, cdewolf, csutherl, dandread, darran.lofthouse, dknox, dpal, fnasser, grocha, jason.greene, jawilson, jboss-set, jclere, jdoyle, jplans, jrusnack, lgao, myarboro, nalin, pgier, pkis, psakar, pslavice, rmainz, rsvoboda, security-response-team, twalsh, vtunka, weli
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
An information disclosure flaw was found in the way MIT Kerberos RPCSEC_GSS implementation (libgssrpc) handled certain requests. An attacker could send a specially crafted request to an application using libgssrpc to disclose a limited portion of uninitialized memory used by that application.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-06 10:23:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1181208, 1188869    
Bug Blocks: 1179866    

Description Vasyl Kaigorodov 2015-01-07 16:51:24 UTC 
Upstream reports that libgssrpc applications including kadmind output four or
eight bytes of uninitialized memory to the network as part of an
unused "handle" field in replies to clients.

An attacker could attempt to glean sensitive
information from the four or eight bytes of uninitialized data output
by kadmind or other libgssrpc server application.  Because MIT krb5
generally sanitizes memory containing krb5 keys before freeing it, it
is unlikely that kadmind would leak Kerberos key information, but it
is not impossible.

RFC 2203 defines structures for the RPCSEC_GSS authentication flavor.
The rpc_gss_init_res structure which conveys responses to the client
contains an opaque "handle" field which is supposed to be used to
identify the GSS-API security context.  The client mirrors this field
back to the server in the "handle" field of rpc_gss_cred_vers_1_t in
subsequent requests.

The MIT krb5 implementation of RPCSEC_GSS does not use the handle to
find the GSS-API context, but it still provides a handle value to the
client.  To provide this value, it copies the first eight or sixteen
bytes out of the GSS-API security context handle.  (The number of
bytes depends on the platform's pointer size; it is eight bytes on a
32-bit platform and sixteen bytes on a 64-bit platform.)

In release krb5-1.11, an unused "interposer" field was added to the
mechglue GSS security context structure as the second pointer field.
Because this field is unused, it remains uninitialized, so the second
half of the bytes copied from the GSS security context handle are
uninitialized.

The contents of the uninitialized bytes could contain any heap data
previously freed by the application or any library it uses.  The MIT
Kerberos libraries and kadmind are generally careful to zero out
sensitive data such as Kerberos key data before freeing it, but there
is nevertheless a risk of leakage of a small amount of sensitive data
to the network.

Suggested patch to fix this issue, as well as CVE-2014-5352, CVE-2014-9421
and CVE-2014-9422 is attached to https://bugzilla.redhat.com/show_bug.cgi?id=1179856
Comment 1 Vasyl Kaigorodov 2015-01-07 17:02:58 UTC 
Acknowledgements:

Red Hat would like to thank the MIT Kerberos project for reporting this issue.
Comment 2 Vasyl Kaigorodov 2015-01-12 15:19:29 UTC 
According to MIT, server software (including third-party applications) using libgssrpc from release krb5-1.11 and later are vulnerable.
Comment 4 Vincent Danen 2015-01-12 16:30:25 UTC 
krb5 as shipped with Red Hat Enterprise Linux 5 and 6 are not affected by this as the flaw as noted in the upstream advisory was introduced in 1.11.
Comment 5 Vincent Danen 2015-02-03 21:20:36 UTC 
External References:

http://web.mit.edu/Kerberos/advisories/MITKRB5-SA-2015-001.txt
Comment 6 Vincent Danen 2015-02-03 21:22:17 UTC 
Statement:

This issue did not affect the versions of krb5 as shipped with Red Hat Enterprise Linux 5 and 6 as the flaw was introduced in a later version (1.11).
Comment 7 Vincent Danen 2015-02-03 21:38:47 UTC 
Created krb5 tracking bugs for this issue:

Affects: fedora-all [bug 1188869]
Comment 8 Tomas Hoger 2015-02-04 19:44:58 UTC 
Upstream commit:

https://github.com/krb5/krb5/commit/5bb8a6b9c9eb8dd22bc9526751610aaa255ead9c
Comment 9 errata-xmlrpc 2015-03-05 10:01:46 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:0439 https://rhn.redhat.com/errata/RHSA-2015-0439.html
Comment 10 Fedora Update System 2015-03-09 08:18:27 UTC 
krb5-1.11.5-18.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2015-03-12 16:33:47 UTC 
krb5-1.12.2-14.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.