1004452 – (CVE-2013-4294) CVE-2013-4294 OpenStack: Keystone Token revocation failure using Keystone memcache/KVS backends

Bug 1004452 (CVE-2013-4294) - CVE-2013-4294 OpenStack: Keystone Token revocation failure using Keystone memcache/KVS backends

Summary: CVE-2013-4294 OpenStack: Keystone Token revocation failure using Keystone mem...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2013-4294
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1004461 1004462 1004463
Blocks:	1004460
TreeView+	depends on / blocked

Reported:	2013-09-04 16:24 UTC by Kurt Seifried
Modified:	2023-10-18 15:42 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2013-09-25 17:59:17 UTC
Embargoed:

Attachments	(Terms of Use)
CVE-2013-4294-folsom.patch (5.53 KB, patch) 2013-09-04 16:26 UTC, Kurt Seifried	no flags	Details \| Diff
CVE-2013-4294-grizzly.patch (5.57 KB, patch) 2013-09-04 16:27 UTC, Kurt Seifried	no flags	Details \| Diff
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2013:1285	0	normal	SHIPPED_LIVE	Moderate: openstack-keystone security update	2013-09-25 20:16:52 UTC

Description Kurt Seifried 2013-09-04 16:24:39 UTC

Thierry Carrez reports:

Title: Token revocation failure using Keystone memcache/KVS backends
Reporter: Kieran Spear (University of Melbourne)
Products: Keystone
Affects: Folsom, Grizzly

Description:
Kieran Spear from the University of Melbourne reported a vulnerability
in Keystone memcache and KVS token backends. The PKI token revocation
lists stored the entire token instead of the token ID, triggering
comparison failures, ultimately resulting in revoked PKI tokens still
being considered valid. Only Folsom and Grizzly Keystone setups making
use of PKI tokens with the memcache or KVS token backends are affected.
Havana setups, setups using UUID tokens, or setups using PKI tokens with
the SQL token backend are all unaffected.

Comment 1 Kurt Seifried 2013-09-04 16:26:37 UTC

Created attachment 793753 [details]
CVE-2013-4294-folsom.patch

Comment 2 Kurt Seifried 2013-09-04 16:27:52 UTC

Created attachment 793754 [details]
CVE-2013-4294-grizzly.patch

Comment 5 Vincent Danen 2013-09-11 15:52:51 UTC

This is now public:

http://www.openwall.com/lists/oss-security/2013/09/11/5

Comment 6 Alan Pevec 2013-09-12 22:49:14 UTC

> This is now public:

Please create [fedora-all] clone.

Comment 8 errata-xmlrpc 2013-09-25 16:18:44 UTC

This issue has been addressed in following products:

  OpenStack 3 for RHEL 6

Via RHSA-2013:1285 https://rhn.redhat.com/errata/RHSA-2013-1285.html

Note You need to log in before you can comment on or make changes to this bug.