Bug 1591100 (CVE-2018-0732)
Summary: | CVE-2018-0732 openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Sam Fowler <sfowler> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | bmaxwell, cdewolf, chazlett, csutherl, darran.lofthouse, dimitris, dmoppert, dosoudil, erik-fedora, fgavrilo, gzaronik, jawilson, jclere, jondruse, jorton, ktietz, lersek, lgao, marcandre.lureau, mbabacek, mturk, myarboro, pgier, pjurak, ppalaga, psakar, pslavice, rjones, rnetuka, rstancel, rsvoboda, sardella, sstavrev, szidek, tmraz, twalsh, vtunka, weli, yozone |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | openssl 1.1.0i, openssl 1.0.2p | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-10 10:29:05 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1591101, 1591102, 1591806, 1599202 | ||
Bug Blocks: | 1591103 |
Description
Sam Fowler
2018-06-14 05:11:12 UTC
Created mingw-openssl tracking bugs for this issue: Affects: fedora-all [bug 1591102] Created openssl tracking bugs for this issue: Affects: fedora-all [bug 1591101] Analysis: This is essentially a client crash. When a client complied with openssl connects to a malicious server, the server can send a very large prime in a DHKE handshake. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. This flaw cannot be used to attack the openssl server. This issue has been addressed in the following products: Red Hat OpenShift Application Runtimes Node.js 8 Via RHSA-2018:2552 https://access.redhat.com/errata/RHSA-2018:2552 This issue has been addressed in the following products: Red Hat OpenShift Application Runtimes Node.js 10 Via RHSA-2018:2553 https://access.redhat.com/errata/RHSA-2018:2553 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221 This vulnerability is out of security support scope for the following product: * Red Hat Enterprise Application Platform 5 Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details. This issue has been addressed in the following products: JBoss Core Services Apache HTTP Server 2.4.29 SP2 Via RHSA-2019:1296 https://access.redhat.com/errata/RHSA-2019:1296 This issue has been addressed in the following products: JBoss Core Services on RHEL 7 JBoss Core Services on RHEL 6 Via RHSA-2019:1297 https://access.redhat.com/errata/RHSA-2019:1297 This issue has been addressed in the following products: JBoss Core Services Apache HTTP Server 2.4.29 SP2 Via RHSA-2019:1543 https://access.redhat.com/errata/RHSA-2019:1543 |