Bug 1764018 (CVE-2019-13627)

Summary: CVE-2019-13627 libgcrypt: ECDSA timing attack allowing private key leak
Product: [Other] Security Response
Reporter: msiddiqu
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: medium
Priority: medium
Version: unspecified
CC: cfergeau, erik-fedora, fidencio, huzaifas, kyoshida, marcandre.lureau, mkaplan, rh-spice-bugs, rjones, tmraz
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: libgcrypt 1.8.5
Doc Text:
A timing attack was found in the way ECDSA was implemented in libgcrypt. A man-in-the-middle attacker could use this attack during signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine where the signature is being generated. Attacks over the network or via the internet are not feasible.
Last Closed: 2020-11-04 02:22:43 UTC
Bug Depends On: 1764019, 1764020, 1764021, 1764918    
Bug Blocks: 1760783    

Comment 1 msiddiqu 2019-10-22 07:33:20 UTC
Created libgcrypt tracking bugs for this issue:

Affects: fedora-all [bug 1764019]


Created mingw-libgcrypt tracking bugs for this issue:

Affects: epel-7 [bug 1764021]
Affects: fedora-all [bug 1764020]

Comment 2 Huzaifa S. Sidhpurwala 2019-10-24 03:49:44 UTC
Statement:

The versions of libgcrypt shipped with Red Hat Enterprise Linux 5, 6 and 7 do not support ECC, therefore they are not affected by this flaw.

Comment 3 Huzaifa S. Sidhpurwala 2019-10-24 03:49:49 UTC
External References:

https://github.com/gpg/libgcrypt/releases/tag/libgcrypt-1.8.5
https://dev.gnupg.org/T4683

Comment 8 errata-xmlrpc 2020-11-04 01:22:12 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:4482 https://access.redhat.com/errata/RHSA-2020:4482

Comment 9 Product Security DevOps Team 2020-11-04 02:22:43 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-13627