Bug 598732 (CVE-2010-1633)

Summary: CVE-2010-1633 openssl: information leak due to invalid Return value check
Product: [Other] Security Response
Reporter: Vincent Danen <vdanen>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: low
Priority: low
Version: unspecified
CC: tmraz
Keywords: Security
Hardware: All
OS: Linux
Whiteboard: public=20100601,reported=20100601,source=internet,rhel-6/openssl=notaffected/impact=low/cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N/,fedora-12/openssl=affected/impact=low/cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N/,fedora-13/openssl=affected/impact=low/cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N/
Doc Type: Bug Fix
Last Closed: 2010-06-25 05:50:30 EDT
Bug Depends On: 598735, 598736, 598737

Description Vincent Danen 2010-06-01 18:51:34 EDT
From the upstream advisory [1]:

Invalid Return value check in pkey_rsa_verifyrecover
====================================================

When verification recovery fails for RSA keys an uninitialised buffer with an
undefined length is returned instead of an error code (CVE-2010-1633).

This bug is only present in OpenSSL 1.0.0 and only affects applications that
call the function EVP_PKEY_verify_recover(). As this function is not present
in previous versions of OpenSSL and not used by OpenSSL internal code very few
applications should be affected. The OpenSSL utility application "pkeyutl" does
use this function.

Affected users should update to 1.0.0a which contains a patch to correct this
bug.

Thanks to Peter-Michael Hager for reporting this issue.

[1] http://www.openssl.org/news/secadv_20100601.txt
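The advisory above describes the defect class without showing it. The following C program is an added illustration, not code from this bug report or from OpenSSL, and it does not link against libcrypto: `model_int_verify`, `verify_recover_buggy`, `verify_recover_fixed`, `recover_checked` and the tag-prefixed demo "signature" format are all constructed for the demo. The buggy wrapper reproduces the behaviour the advisory describes (a failed verification reported as success, with the output buffer unwritten and the length never set), using a sentinel value in place of genuinely uninitialised memory so the demo is deterministic. The fixed wrapper checks the primitive's status before trusting the length, and `recover_checked` shows the hygiene an application calling an `EVP_PKEY_verify_recover()`-style API can apply regardless of library version.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Entry-point shape modelled on EVP_PKEY_verify_recover()'s
 * (sig, siglen, rout, routlen) arguments. Constructed for the demo. */
typedef int (*recover_fn)(const unsigned char *sig, size_t siglen,
                          unsigned char *rout, size_t *routlen);

/* Constructed stand-in for the low-level verify primitive. A demo
 * "signature" is a 4-byte tag followed by the message it carries.
 * Returns 1 and fills (rout, *routlen) on success; returns 0 on failure
 * and, like the real primitive, leaves both outputs untouched. The caller
 * is assumed to have sized rout for the message (the real API is first
 * called with rout=NULL to query the length). */
static int model_int_verify(const unsigned char *sig, size_t siglen,
                            unsigned char *rout, size_t *routlen)
{
    static const unsigned char tag[4] = {0x30, 0x31, 0x32, 0x33};
    if (siglen < sizeof tag || memcmp(sig, tag, sizeof tag) != 0)
        return 0;
    if (rout)
        memcpy(rout, sig + sizeof tag, siglen - sizeof tag);
    *routlen = siglen - sizeof tag;
    return 1;
}

/* Sentinel standing in for stale stack contents; the real bug left the
 * length genuinely uninitialised. */
#define STALE_LEN ((size_t)0x5A5A)

/* Library-side wrapper following the flawed pattern from the advisory:
 * the primitive's 0/1 status is overwritten by the length variable before
 * it is checked, so a failed verification is reported as success with an
 * unwritten buffer and a length that was never set. */
int verify_recover_buggy(const unsigned char *sig, size_t siglen,
                         unsigned char *rout, size_t *routlen)
{
    size_t sltmp = STALE_LEN;
    int ret = model_int_verify(sig, siglen, rout, &sltmp);
    ret = (int)sltmp;            /* status discarded: the defect */
    *routlen = (size_t)ret;
    return 1;
}

/* Corrected wrapper: check the status first and propagate failure
 * without touching the caller's outputs. */
int verify_recover_fixed(const unsigned char *sig, size_t siglen,
                         unsigned char *rout, size_t *routlen)
{
    size_t sltmp = 0;
    int ret = model_int_verify(sig, siglen, rout, &sltmp);
    if (ret <= 0)
        return 0;
    *routlen = sltmp;
    return 1;
}

/* Application side: the buffer starts zeroed so a library bug cannot hand
 * stale bytes onward, and the result is used only when the status is
 * exactly 1 and the reported length fits the buffer; otherwise the buffer
 * is wiped and a zero length is returned. */
int recover_checked(recover_fn recover, const unsigned char *sig, size_t siglen,
                    unsigned char *out, size_t cap, size_t *outlen)
{
    memset(out, 0, cap);
    *outlen = cap;               /* in: room available; out: bytes recovered */
    int rc = recover(sig, siglen, out, outlen);
    if (rc != 1 || *outlen > cap) {
        memset(out, 0, cap);
        *outlen = 0;
        return 0;
    }
    return 1;
}

/* Constructed inputs: a well-formed demo signature carrying "hi", and one
 * with a wrong tag that must fail verification. */
static const unsigned char GOOD_SIG[] = {0x30, 0x31, 0x32, 0x33, 'h', 'i'};
static const unsigned char BAD_SIG[]  = {0x00, 0x00, 0x00, 0x00, 'h', 'i'};

/* Drive a wrapper directly, as a naive application would, and fold the
 * (status, length) pair into one int: status * 100000 + length. */
int raw_outcome(recover_fn f, const unsigned char *sig, size_t siglen)
{
    unsigned char buf[64];
    size_t n = sizeof buf;
    int rc = f(sig, siglen, buf, &n);
    return rc * 100000 + (int)n;
}

/* Same, but through recover_checked(): status * 100000 + length. */
int checked_outcome(recover_fn f, const unsigned char *sig, size_t siglen)
{
    unsigned char buf[64];
    size_t n = 0;
    int rc = recover_checked(f, sig, siglen, buf, sizeof buf, &n);
    return rc * 100000 + (int)n;
}

int main(void)
{
    printf("buggy, bad sig, raw:      %d\n", raw_outcome(verify_recover_buggy, BAD_SIG, sizeof BAD_SIG));
    printf("buggy, bad sig, checked:  %d\n", checked_outcome(verify_recover_buggy, BAD_SIG, sizeof BAD_SIG));
    printf("fixed, bad sig, raw:      %d\n", raw_outcome(verify_recover_fixed, BAD_SIG, sizeof BAD_SIG));
    printf("fixed, good sig, checked: %d\n", checked_outcome(verify_recover_fixed, GOOD_SIG, sizeof GOOD_SIG));
    return 0;
}
```

Run directly, the buggy wrapper reports status 1 with length 0x5A5A (23130) for the bad signature, which is exactly the "uninitialised buffer with an undefined length" outcome; the fixed wrapper returns 0 and leaves the length alone, and `recover_checked` rejects the buggy result because the length exceeds the buffer it offered.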
Comment 1 Vincent Danen 2010-06-01 18:53:52 EDT
Statement:

Not vulnerable. These issues did not affect the versions of OpenSSL as shipped with Red Hat Enterprise Linux 3, 4, or 5.
Comment 3 Vincent Danen 2010-06-01 18:54:34 EDT
Created openssl tracking bugs for this issue

Affects: fedora-12 [bug 598736]
Affects: fedora-13 [bug 598737]
Comment 4 Vincent Danen 2010-06-01 18:56:20 EDT
Upstream commit that corrects this issue:

http://cvs.openssl.org/chngview?cn=19693
Comment 5 Tomas Hoger 2010-06-02 04:31:02 EDT
(In reply to comment #4)
> Upstream commit that corrects this issue:
> http://cvs.openssl.org/chngview?cn=19693

The relevant part is the crypto/rsa/rsa_pmeth.c change:
http://cvs.openssl.org/filediff?f=openssl/crypto/rsa/rsa_pmeth.c&v1=1.34&v2=1.34.2.1
Comment 6 Fedora Update System 2010-06-07 03:53:01 EDT
openssl-1.0.0a-1.fc13 has been submitted as an update for Fedora 13.
http://admin.fedoraproject.org/updates/openssl-1.0.0a-1.fc13
Comment 7 Fedora Update System 2010-06-07 03:53:33 EDT
openssl-1.0.0a-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/openssl-1.0.0a-1.fc12
Comment 8 Fedora Update System 2010-06-15 11:58:45 EDT
openssl-1.0.0a-1.fc13 has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2010-06-16 13:43:52 EDT
openssl-1.0.0a-1.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.