Bug 2169477

Summary: CVE-2022-37967: MS-PAC extended KDC signature [rhel-8]
Product: Red Hat Enterprise Linux 8 Reporter: Julien Rische <jrische>
Component: krb5Assignee: Julien Rische <jrische>
Status: CLOSED CURRENTRELEASE QA Contact: Michal Polovka <mpolovka>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.7CC: frenaud, jwboyer, mjurasek, sumenon
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: ---Flags: jrische: needinfo-
jrische: needinfo-
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: krb5-1.18.2-25.el8_8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2165827
: 2182135 2211390 (view as bug list) Environment:
Last Closed: 2023-11-21 10:58:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2165827    
Bug Blocks: 2166001, 2176406, 2182135, 2211390    

Description Julien Rische 2023-02-13 17:15:58 UTC 
+++ This bug was initially created as a clone of Bug #2165827 +++

A paper by Tom Tervoort[1] noted that computing the PAC privsvr checksum over only the server checksum is vulnerable to collision attacks. In response, Microsoft has added a second KDC checksum over the full contents of the PAC[2].

This change will be required for PAC signatures to be accepted by AD from the 2023-07-11[3].

[1] https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Tervoort-Breaking-Kerberos-RC4-Cipher-and-Spoofing-Windows-PACs-wp.pdf
[2] https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-PAC/%5bMS-PAC%5d-20221212-diff.pdf
[3] https://support.microsoft.com/en-us/topic/kb5020805-how-to-manage-kerberos-protocol-changes-related-to-cve-2022-37967-997e9acc-67c5-48e1-8d0d-190269bf4efb

--- Additional comment from Julien Rische on 2023-01-31 08:50:37 UTC ---

The fix is available upstream:
https://github.com/krb5/krb5/pull/1284