Bug 1657565 (CVE-2018-16875)
| Summary: | CVE-2018-16875 golang: crypto/x509 allows for denial of service via crafted TLS client certificate | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Sam Fowler <sfowler> | ||||||
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | |||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | unspecified | CC: | abhgupta, admiller, ahardin, amurdaca, bleanhar, bmontgom, ccoleman, dbaker, dedgar, deparker, eparis, jburrell, jcajka, jgoulding, jjoyce, jokerman, jschluet, lemenkov, lhh, lpeer, mburns, mchappel, mmccomas, nstielau, renich, sclewis, security-response-team, sfowler, sisharma, slinaber, sponnaga, sthangav, tbielawa, trankin | ||||||
| Target Milestone: | --- | Keywords: | Security | ||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | golang 1.10.6, golang 1.11.3 | Doc Type: | If docs needed, set a value | ||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2021-10-27 03:21:02 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | 1659290, 1659910, 1659911, 1659912, 1660381, 1661490, 1661491, 1661492, 1661493, 1661494, 1661495, 1663371, 1663381, 1664332, 1732081, 1732082, 1732083, 1732084 | ||||||||
| Bug Blocks: | 1657559 | ||||||||
| Attachments: |
|
||||||||
|
Description
Sam Fowler
2018-12-10 01:01:23 UTC
The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected. Acknowledgments: Name: Dmitri Shuralyov (the Go team) Created golang tracking bugs for this issue: Affects: fedora-all [bug 1659290] The Red Hat OpenStack Operational Tools repository for OpenStack 8 and OpenStack 9 contains a version of golang that is not affected by this vulnerability. Additionally, golang, as provided in this repository is not supported. openshift-enterprise-3.11: malicious requests against the API server can lead to excessive CPU consumption and Denial of Service. Red Hat Product Security will update this flaw regarding other currently supported OpenShift releases shortly. Adjusted CVSSv3 AC:H -> AC:L Created attachment 1515545 [details]
"oc describe" availability/throughput during 50x requests w/pathological certs
This data is truncated for brevity: the test was started some 10s of seconds prior to the beginning of this time series.
The test consisted of 50x backgrounded kubectl invocations with pathological client certificates against all three api masters (150 invocations, however with only 1 vCPU to process them).
The data was logged with:
[master-2 ~]$ while true; do date=$(date); oc describe node master-0 >/dev/null && echo "$date ok" || echo "$date FAIL"; sleep 1; done
Created attachment 1515546 [details]
"oc describe" availability/throughput during 50x requests w/no certs
The test consisted of 50x backgrounded kubectl invocations without client certificates against all three api masters (150 invocations, however with only 1 vCPU to process them).
The data was logged with:
[master-2 ~]$ while true; do date=$(date); oc describe node master-0 >/dev/null && echo "$date ok" || echo "$date FAIL"; sleep 1; done
openshift-enterprise-3.11: could not make master nodes NotReady w/~50 simultaneous kubectl requests (albeit only 1x vCPU). However, it was possible to create intermittent API availability issues: - [attachment 1515545 [details]] shows api performance during 50 kubectl requests using pathological certificates. It goes from ~30 reqs/min (1s sleep after each request) down to ~2 reqs/min. It also shows intermittent failure "Unable to connect to the server: unexpected EOF", and "Unable to connect to the server: net/http: TLS handshake timeout" - [attachment 1515546 [details]] shows api performance during 50 kubectl requests without any --certificate option. It stays steady at ~33 reqs/min (1s sleep after each request) for the duration of the test, which completes in around 1:10s. The kubectl invocations return with "Error from server (Forbidden): services is forbidden: User "system:anonymous" cannot list services in the namespace "kube-system": no RBAC policy matched" (as the node conducting the test is not authenticated). More vCPUs or an optimized client for generating the requests with pathological certificates may have resulted in more disruption. Reproducer, chain 200 long: 2018/12/19 05:28:02 1m28.287529165s Reproducer, chain 2 long: 2018/12/19 05:31:47 41.003984ms One naive interpretation of 88.2875s vs 0.0410s = factor of 2153 increase in work which a potential attacker can cause in TLS authentication. External Reference: https://groups.google.com/forum/?pli=1#!topic/golang-announce/Kw31K8G7Fi0 https://apisecurity.io/mutual-tls-authentication-vulnerability-in-go-cve-2018-16875/ Upstream Issue: https://golang.org/issue/29233 Created golang tracking bugs for this issue: Affects: epel-all [bug 1664332] Created golang:1.10/golang tracking bugs for this issue: Affects: fedora-all [bug 1663381] Statement: This issue affects the version of golang package in Red Hat Enterprise Linux 7. The golang package, previously available in the Optional channel, will no longer receive updates in Red Hat Enterprise Linux 7. Developers are encouraged to use the Go Toolset instead, which is available through the Red Hat Developer program. https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/chap-red_hat_enterprise_linux-7.6_release_notes-deprecated_functionality_in_rhel7#idm139716309923696 |