Bug 1330264 (CVE-2016-3704)

Summary: CVE-2016-3704 pulp: Unsafe use of bash $RANDOM for NSS DB password and seed
Product: [Other] Security Response Reporter: Kurt Seifried <kseifried>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: POST --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: bkearney, bmbouter, cbillett, dkliban, ggainey, ipanova, mhrivnak, ohadlevy, pcreech, rchan, rhui-bugs, satellite6-bugs, ttereshc
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Pulp makes unsafe use of Bash's $RANDOM to generate a NSS DB password and seed resulting in insufficient randomness. An attacker could potentially guess the seed used given enough time and compute resources.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1330283, 1369890, 1399327    
Bug Blocks: 1330273, 1432305    

Description Kurt Seifried 2016-04-25 18:33:55 UTC 
Randy Barlow of Red Hat reports:


In working on another security issue in this same script, I noticed that 
Pulp's pulp-qpid-ssl-cfg script uses bash's $RANDOM in unsafe ways. One 
of them is already being fixed as part of another CVE (the TMP directory 
is unsafe, CVE-2016-3696), but the other two uses are:

0) The default NSS DB password is a single value from $RANDOM, 
limiting it to the strings from 0 to 32768:

https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L25 [Open URL]

1) The certutil -z flag receives a "noise file". The script uses $RANDOM to 
populate a file with numbers to generate this file:

https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L97-L105 [Open URL]

Since $RANDOM is used in this way, the seed file ends up having low 
diversity since only 11 possibly bytes appear in the file: 0-9 and newline.

I know that I can use pwgen to fix #0, but I'm not sure we want to depend 
on pwgen. One possibility is to avoid having a default password and force 
the user to provide one. Do you have a suggestion on a good way to 
make a password?

For #1 I will just grab 8 kB from /dev/urandom and call it a day.
Comment 1 Kurt Seifried 2016-04-25 18:34:07 UTC 
Acknowledgments:

Name: Randy Barlow (RedHat)
Comment 3 pulp-infra@redhat.com 2016-04-25 19:14:32 UTC 
The Pulp upstream bug status is at ASSIGNED. Updating the external tracker on this bug.
Comment 4 pulp-infra@redhat.com 2016-04-25 19:14:38 UTC 
The Pulp upstream bug priority is at Normal. Updating the external tracker on this bug.
Comment 5 pulp-infra@redhat.com 2016-04-25 21:33:38 UTC 
The Pulp upstream bug status is at POST. Updating the external tracker on this bug.
Comment 6 pulp-infra@redhat.com 2016-05-03 19:00:41 UTC 
The Pulp upstream bug status is at MODIFIED. Updating the external tracker on this bug.
Comment 7 pulp-infra@redhat.com 2016-05-26 20:30:48 UTC 
The Pulp upstream bug status is at ON_QA. Updating the external tracker on this bug.
Comment 8 pulp-infra@redhat.com 2016-05-31 17:30:41 UTC 
The Pulp upstream bug status is at MODIFIED. Updating the external tracker on this bug.
Comment 9 pulp-infra@redhat.com 2016-06-17 17:30:44 UTC 
The Pulp upstream bug status is at ON_QA. Updating the external tracker on this bug.
Comment 10 pulp-infra@redhat.com 2016-06-27 17:01:03 UTC 
The Pulp upstream bug status is at CLOSED - CURRENTRELEASE. Updating the external tracker on this bug.
Comment 11 Fedora Update System 2016-08-16 19:24:32 UTC 
pulp-2.8.6-1.fc24, pulp-docker-2.0.2-1.fc24, pulp-ostree-1.1.2-1.fc24, pulp-puppet-2.8.6-2.fc24, pulp-python-1.1.2-1.fc24, pulp-rpm-2.8.6-2.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
Comment 13 pulp-infra@redhat.com 2016-11-21 21:02:07 UTC 
All upstream Pulp bugs are at MODIFIED+. Moving this bug to POST.
Comment 16 pulp-infra@redhat.com 2018-02-21 08:35:42 UTC 
All upstream Pulp bugs are at MODIFIED+. Moving this bug to POST.
Comment 17 errata-xmlrpc 2018-02-21 12:26:47 UTC 
This issue has been addressed in the following products:

  Red Hat Satellite 6.3 for RHEL 7

Via RHSA-2018:0336 https://access.redhat.com/errata/RHSA-2018:0336