Bug 1848507 (CVE-2020-13757)

Summary: CVE-2020-13757 python-rsa: decryption of ciphertext leads to DoS
Product: [Other] Security Response Reporter: Dhananjay Arunesh <darunesh>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: apevec, bdettelb, bmontgom, bperkins, dbecker, eparis, hvyas, jburrell, jjoyce, jmontleo, jokerman, jschluet, jschorr, lhh, lpeer, mburns, me, nstielau, rhos-maint, sclewis, slinaber, sponnaga, tomckay, yohangraterol92
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: python-rsa-4.1 Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the python-rsa package, where it does not explicitly check the ciphertext length against the key size and ignores the leading 0 bytes during the decryption of the ciphertext. This flaw allows an attacker to perform a ciphertext attack, leading to a denial of service. The highest threat from this vulnerability is to confidentiality.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-08-18 09:15:23 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1851171, 1848508, 1848509, 1850329, 1850330, 1850385, 1850966, 1851172, 1851173, 1851174, 1866148    
Bug Blocks: 1848510    

Description Dhananjay Arunesh 2020-06-18 13:22:07 UTC 
A vulnerability was found in Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation).

References:
https://github.com/sybrenstuvel/python-rsa/issues/146
https://github.com/sybrenstuvel/python-rsa/issues/146#issuecomment-641845667
Comment 1 Dhananjay Arunesh 2020-06-18 13:22:57 UTC 
Created python-rsa tracking bugs for this issue:

Affects: epel-all [bug 1848509]
Affects: fedora-all [bug 1848508]
Comment 4 Przemyslaw Roguski 2020-06-23 10:14:05 UTC 
Upstream patch: https://github.com/sybrenstuvel/python-rsa/commit/93af6f2f89a9bf28361e67716c4240e691520f30
Comment 9 Nick Tait 2020-06-25 17:05:11 UTC 
Created python-rsa tracking bugs for this issue:

Affects: openstack-rdo [bug 1851171]
Comment 11 Nick Tait 2020-06-25 17:30:30 UTC 
External References:

https://github.com/sybrenstuvel/python-rsa/issues/146
Comment 13 errata-xmlrpc 2020-08-18 05:03:23 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.5

Via RHSA-2020:3453 https://access.redhat.com/errata/RHSA-2020:3453
Comment 14 Product Security DevOps Team 2020-08-18 09:15:23 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-13757
Comment 15 errata-xmlrpc 2020-08-26 22:46:55 UTC 
This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 3.11

Via RHSA-2020:3541 https://access.redhat.com/errata/RHSA-2020:3541
Comment 17 Nick Tait 2021-04-03 16:12:37 UTC 
Statement:

In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-rsa package.