Bug 1103586 (CVE-2014-0224) - CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
Summary: CVE-2014-0224 openssl: SSL/TLS MITM vulnerability
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2014-0224
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1096233 1096234 Engineering1103604 Engineering1103605 Engineering1103606 Engineering1103607 Engineering1103608 Engineering1103609 Engineering1103610 Engineering1103611 Engineering1103632 Engineering1103633 Engineering1103634 Engineering1103635 Engineering1103653 Engineering1103654 Engineering1103655 Engineering1103656 Engineering1103657 Engineering1103659 Engineering1103723 Engineering1103724 Red Hat1103741 Red Hat1103885 Red Hat1103886 Red Hat1103887 Red Hat1103888 Embargoed1103889 Red Hat1103890 Engineering1104349 Engineering1104350 1127888 1127889
Blocks: Embargoed1103601 Embargoed1103903 Embargoed1103904 Embargoed1103905
TreeView+ depends on / blocked
 
Reported: 2014-06-02 07:17 UTC by Huzaifa S. Sidhpurwala
Modified: 2023-05-12 04:13 UTC (History)
51 users (show)

Fixed In Version: openssl 1.0.1h, openssl 1.0.0m, openssl 0.9.8za
Doc Type: Bug Fix
Doc Text:
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.
Clone Of:
Environment:
Last Closed: 2014-06-11 05:28:24 UTC

Attachments (Terms of Use)
Upstream patch (3.32 KB, patch)
2014-06-02 08:30 UTC, Huzaifa S. Sidhpurwala 		no flags Details | Diff
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2014:0624 0 normal SHIPPED_LIVE Important: openssl security update 2014-06-05 15:51:23 UTC
Red Hat Product Errata RHSA-2014:0625 0 normal SHIPPED_LIVE Important: openssl security update 2014-06-05 15:50:21 UTC
Red Hat Product Errata RHSA-2014:0626 0 normal SHIPPED_LIVE Important: openssl097a and openssl098e security update 2014-06-05 16:01:47 UTC
Red Hat Product Errata RHSA-2014:0627 0 normal SHIPPED_LIVE Important: openssl security update 2014-06-05 16:13:04 UTC
Red Hat Product Errata RHSA-2014:0628 0 normal SHIPPED_LIVE Important: openssl security update 2014-06-05 16:12:30 UTC
Red Hat Product Errata RHSA-2014:0629 0 normal SHIPPED_LIVE Important: rhev-hypervisor6 security update 2014-06-05 18:57:02 UTC
Red Hat Product Errata RHSA-2014:0630 0 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 5.2.0 security update 2014-06-05 18:56:58 UTC
Red Hat Product Errata RHSA-2014:0631 0 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Application Platform 6.2.3 security update 2014-06-05 19:27:34 UTC
Red Hat Product Errata RHSA-2014:0632 0 normal SHIPPED_LIVE Important: Red Hat JBoss Web Server 2.0.1 openssl security update 2014-06-05 18:56:52 UTC
Red Hat Product Errata RHSA-2014:0633 0 normal SHIPPED_LIVE Important: Red Hat JBoss Enterprise Web Platform 5.2.0 security update 2014-06-05 18:56:31 UTC
Red Hat Product Errata RHSA-2014:0679 0 normal SHIPPED_LIVE Important: openssl security update 2014-06-10 16:23:51 UTC
Red Hat Product Errata RHSA-2014:0680 0 normal SHIPPED_LIVE Important: openssl098e security update 2014-06-10 16:23:43 UTC

Description Huzaifa S. Sidhpurwala 2014-06-02 07:17:00 UTC 
It was found that OpenSSL was vulnerable to a SSL/TLS MITM vulnerability. An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.

As per the upstream advisory:

The attack can only be performed between a vulnerable client *and* server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution.

OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
OpenSSL 1.0.0 SSL/TLS users (client and/or server) should upgrade to 1.0.0m.
OpenSSL 1.0.1 SSL/TLS users (client and/or server) should upgrade to 1.0.1h.


Acknowledgements:

Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges KIKUCHI Masashi of Lepidum as the original reporter of this issue.
Comment 4 Huzaifa S. Sidhpurwala 2014-06-02 08:30:26 UTC 
Created attachment 901373 [details]
Upstream patch
Comment 19 Huzaifa S. Sidhpurwala 2014-06-05 11:32:02 UTC 
External References:

https://www.openssl.org/news/secadv_20140605.txt
https://access.redhat.com/site/articles/904433
https://access.redhat.com/site/solutions/905793
Comment 20 Huzaifa S. Sidhpurwala 2014-06-05 11:35:51 UTC 
Upstream commits:

OpenSSL-1.0.1:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc8923b1ec9c467755cd86f7848c50ee8812e441
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=006cd7083f76ed5cb0d9a914857e9231ef1bc317

OpenSSL-0.9.8:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=410a49a4fa1d2a1a9775ee29f9e40cbbda79c149
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=897169fdf06bf75b4d0c503d61abb45656dd90a6
Comment 21 Tomas Hoger 2014-06-05 11:39:35 UTC 
Fixed upstream in versions 1.0.1h, 1.0.0m and 0.9.8za.
Comment 22 errata-xmlrpc 2014-06-05 11:54:06 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2014:0625 https://rhn.redhat.com/errata/RHSA-2014-0625.html
Comment 23 errata-xmlrpc 2014-06-05 11:54:49 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2014:0624 https://rhn.redhat.com/errata/RHSA-2014-0624.html
Comment 24 errata-xmlrpc 2014-06-05 12:04:43 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6

Via RHSA-2014:0626 https://rhn.redhat.com/errata/RHSA-2014-0626.html
Comment 25 Huzaifa S. Sidhpurwala 2014-06-05 12:12:30 UTC 
Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1096233]
Comment 26 Huzaifa S. Sidhpurwala 2014-06-05 12:12:34 UTC 
Created mingw-openssl tracking bugs for this issue:

Affects: fedora-all [bug 1096234]
Comment 27 errata-xmlrpc 2014-06-05 12:15:57 UTC 
This issue has been addressed in following products:

  Red Hat Storage 2.1

Via RHSA-2014:0628 https://rhn.redhat.com/errata/RHSA-2014-0628.html
Comment 28 errata-xmlrpc 2014-06-05 12:16:41 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4 Extended Lifecycle Support
  Red Hat Enterprise Linux 5.6 Long Life
  Red Hat Enterprise Linux 5.9 EUS - Server Only
  Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only
  Red Hat Enterprise Linux 6.4 EUS - Server and Compute Node Only
  Red Hat Enterprise Linux 6.2 AUS

Via RHSA-2014:0627 https://rhn.redhat.com/errata/RHSA-2014-0627.html
Comment 29 Vincent Danen 2014-06-05 14:52:32 UTC 
IssueDescription:

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.
Comment 30 errata-xmlrpc 2014-06-05 14:57:29 UTC 
This issue has been addressed in following products:

  Red Hat JBoss Enterprise Web Platform 5.2.0

Via RHSA-2014:0633 https://rhn.redhat.com/errata/RHSA-2014-0633.html
Comment 31 errata-xmlrpc 2014-06-05 14:58:26 UTC 
This issue has been addressed in following products:

  Red Hat JBoss Web Server 2.0.1

Via RHSA-2014:0632 https://rhn.redhat.com/errata/RHSA-2014-0632.html
Comment 32 errata-xmlrpc 2014-06-05 14:58:42 UTC 
This issue has been addressed in following products:

  Red Hat JBoss Enterprise Application Platform 5.2.0

Via RHSA-2014:0630 https://rhn.redhat.com/errata/RHSA-2014-0630.html
Comment 33 errata-xmlrpc 2014-06-05 14:58:57 UTC 
This issue has been addressed in following products:

  RHEV-H and Agents for RHEL-6

Via RHSA-2014:0629 https://rhn.redhat.com/errata/RHSA-2014-0629.html
Comment 34 errata-xmlrpc 2014-06-05 15:27:57 UTC 
This issue has been addressed in following products:

  Red Hat JBoss Enterprise Application Platform 6.2.3

Via RHSA-2014:0631 https://rhn.redhat.com/errata/RHSA-2014-0631.html
Comment 35 Fedora Update System 2014-06-05 21:53:51 UTC 
openssl-1.0.1e-38.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 36 Fedora Update System 2014-06-05 21:54:48 UTC 
openssl-1.0.1e-38.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 37 errata-xmlrpc 2014-06-10 12:25:01 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 7

Via RHSA-2014:0680 https://rhn.redhat.com/errata/RHSA-2014-0680.html
Comment 38 errata-xmlrpc 2014-06-10 12:28:15 UTC 
This issue has been addressed in following products:

  Red Hat Enterprise Linux 7

Via RHSA-2014:0679 https://rhn.redhat.com/errata/RHSA-2014-0679.html
Comment 41 Tomas Hoger 2014-08-07 18:38:37 UTC 
Created mingw32-openssl tracking bugs for this issue:

Affects: epel-5 [bug 1127888]
Note You need to log in before you can comment on or make changes to this bug.