Bug 1534139 (CVE-2018-2703)

Summary: CVE-2018-2703 mysql: sha256_password authentication DoS via hash with large rounds value
Product: [Other] Security Response
Reporter: Tomas Hoger <thoger>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: medium
Priority: medium
Version: unspecified
CC: apevec, chrisw, databases-maint, dciabrin, hhorak, jjoyce, jorton, jschluet, jstanek, kbasil, lhh, lpeer, markmc, mbayer, mburns, mmuzila, mschorm, praiskup, rbryant, sclewis, security-response-team, slinaber, srevivo, tdecacqu
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: mysql 5.6.39, mysql 5.7.21
Last Closed: 2018-03-26 11:30:37 UTC
Bug Depends On: 1533831, 1533832, 1533833, 1533834, 1535520
Bug Blocks: 1509486, 1535524

Description Tomas Hoger 2018-01-13 13:19:32 UTC
MySQL's sha256_password authentication plugin uses the SHA256 crypt password hashing algorithm as defined in:

https://www.akkadia.org/drepper/SHA-crypt.txt

to hash user passwords for storage.  This algorithm makes it possible to adjust how expensive it is to compute a password hash by adjusting the number of "rounds" of hashing.  The number of rounds is stored as part of a password hash.  The algorithm specification also defines the minimum and maximum number of rounds that can be used.  It was previously identified that the maximum number is rather high and causes hash computation to take an excessive amount of time:

https://sourceware.org/bugzilla/show_bug.cgi?id=20616

However, this problem is only relevant if a user can set their password in a system using SHA256 crypt by directly providing a malicious hash, and does not affect the use case where users can only provide plain text passwords with hashing done by the system.

In MySQL 5.6, users with SQL access can set their password by directly providing a password hash using: SET PASSWORD = '<hash>';  In MySQL 5.7, the <hash> string is considered to be a plain text password and is hashed again by the MySQL server.  Refer to the 'SET PASSWORD' syntax description in the MySQL 5.6 and 5.7 documentation:

https://dev.mysql.com/doc/refman/5.6/en/set-password.html
https://dev.mysql.com/doc/refman/5.7/en/set-password.html

Therefore in MySQL 5.6, a user with SQL access can set a password hash with many rounds for their account.  Any subsequent attempt to authenticate to that account will cause the MySQL server to use an excessive amount of CPU.

Comment 1 Tomas Hoger 2018-01-13 13:19:35 UTC
Acknowledgments:

Name: Red Hat Product Security

Comment 4 Tomas Hoger 2018-01-15 20:32:24 UTC
This issue was fixed in MySQL 5.6.39 and 5.7.21:

https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-39.html
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-21.html

  Incompatible Change: Passwords are now restricted to a maximum of 256
  characters for the sha256_password authentication plugin, and for the
  PASSWORD() function when old_passwords=2. Also, the number of password
  hashing rounds is capped to limit CPU time used. (Bug #27099029,
  Bug #27194270)

Upstream commit:

https://github.com/mysql/mysql-server/commit/efb4087cfe12134e1541b39ee9a4305f7cd225f5
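The description explains that the rounds count travels inside the stored SHA256-crypt hash, and Comment 4 notes the fix caps the number of rounds. The following added example (not MySQL's code, and not from the upstream commit) shows the defensive check in Python: parse the `$5$rounds=N$salt$digest` format from the Drepper specification and reject a user-supplied hash whose rounds exceed a server-side cap before any hashing work is done. The cap value `SERVER_MAX_ROUNDS` and the sample hashes are constructed for this example; the page does not state the number used upstream.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Parameters from the SHA256-crypt specification linked in the description
# (https://www.akkadia.org/drepper/SHA-crypt.txt): rounds default to 5000 when
# no "rounds=" field is present and are clamped into [1000, 999999999].
SPEC_DEFAULT_ROUNDS = 5000
SPEC_MIN_ROUNDS = 1000
SPEC_MAX_ROUNDS = 999_999_999

# Server-side policy cap. Assumed value for this example only; the upstream fix
# caps rounds but the bug page does not give the figure.
SERVER_MAX_ROUNDS = 5000

# $5$ prefix, optional rounds=N$ field, salt of up to 16 chars, 43-char digest
# in crypt's ./0-9A-Za-z alphabet.
_HASH_RE = re.compile(
    r"^\$5\$(?:rounds=(?P<rounds>\d{1,9})\$)?"
    r"(?P<salt>[^$]{0,16})\$(?P<digest>[./0-9A-Za-z]{43})$"
)


@dataclass
class RoundsCheck:
    accepted: bool
    rounds: Optional[int]   # effective rounds after spec clamping, None if malformed
    reason: str


def parse_rounds(stored_hash: str) -> Optional[int]:
    """Return the effective rounds a SHA256-crypt hash would cost, or None if malformed."""
    m = _HASH_RE.match(stored_hash)
    if m is None:
        return None
    raw = m.group("rounds")
    rounds = SPEC_DEFAULT_ROUNDS if raw is None else int(raw)
    # The spec silently clamps out-of-range values rather than rejecting them.
    return min(max(rounds, SPEC_MIN_ROUNDS), SPEC_MAX_ROUNDS)


def check_stored_hash(stored_hash: str, cap: int = SERVER_MAX_ROUNDS) -> RoundsCheck:
    """Decide whether a caller-supplied hash may be stored for later authentication.

    Rejecting at SET PASSWORD time means no later login attempt can force the
    server into the expensive computation described in the bug.
    """
    rounds = parse_rounds(stored_hash)
    if rounds is None:
        return RoundsCheck(False, None, "malformed SHA256-crypt hash")
    if rounds > cap:
        return RoundsCheck(False, rounds, f"rounds {rounds} exceed server cap {cap}")
    return RoundsCheck(True, rounds, "ok")
```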

Comment 5 Tomas Hoger 2018-01-16 22:11:59 UTC
This is now also public via Oracle CPU January 2018:

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixMSQL

Comment 7 errata-xmlrpc 2018-03-26 10:03:31 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 6
  Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS

Via RHSA-2018:0587 https://access.redhat.com/errata/RHSA-2018:0587

Comment 8 errata-xmlrpc 2018-03-26 10:14:57 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 6
  Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7
  Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS
  Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS

Via RHSA-2018:0586 https://access.redhat.com/errata/RHSA-2018:0586