Bug 1103593 - (CVE-2014-0221) CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Platform: All Linux
Priority: medium
Severity: medium
Assigned To: Red Hat Product Security
Whiteboard: impact=moderate,public=20140605,repor...
Keywords: Security
Depends On: 1096233 1096234 1103604 1103605 1103632 1103633 1103741 1104349 1104350 1104970 1104988 1127831 1127832 1127888 1127889
Blocks: 1064757 1103601 1116304 1127468
Reported: 2014-06-02 03:25 EDT by Huzaifa S. Sidhpurwala
Modified: 2016-04-26 21:46 EDT
Fixed In Version: openssl 1.0.1h, openssl 1.0.0m, openssl 0.9.8za
Doc Type: Bug Fix
Doc Text: A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash.
Last Closed: 2014-08-14 06:54:29 EDT


Attachments
Upstream patch (1.04 KB, patch), 2014-06-02 04:30 EDT, Huzaifa S. Sidhpurwala


External Trackers (Red Hat Product Errata)
RHSA-2014:0625, normal, SHIPPED_LIVE, Important: openssl security update, last updated 2014-06-05 11:50:21 EDT
RHSA-2014:0628, normal, SHIPPED_LIVE, Important: openssl security update, last updated 2014-06-05 12:12:30 EDT
RHSA-2014:0679, normal, SHIPPED_LIVE, Important: openssl security update, last updated 2014-06-10 12:23:51 EDT
RHSA-2014:1021, normal, SHIPPED_LIVE, Important: Red Hat JBoss Enterprise Application Platform 6.3.0 update, last updated 2014-08-06 14:52:25 EDT
RHSA-2014:1053, normal, SHIPPED_LIVE, Moderate: openssl security update, last updated 2014-08-13 18:18:41 EDT
RHSA-2014:1086, normal, SHIPPED_LIVE, Important: Red Hat JBoss Web Server 2.1.0 update, last updated 2014-08-21 15:30:27 EDT

Description Huzaifa S. Sidhpurwala 2014-06-02 03:25:42 EDT
As per the upstream advisory:

By sending an invalid DTLS handshake to an OpenSSL DTLS client, the code can be made to recurse, eventually crashing in a DoS attack.

Only applications using OpenSSL as a DTLS client are affected.

OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za.
OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h.

Acknowledgements:

Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Imre Rad of Search-Lab as the original reporter of this issue.
Comment 2 Huzaifa S. Sidhpurwala 2014-06-02 04:30:49 EDT
Created attachment 901374: Upstream patch
Comment 8 Huzaifa S. Sidhpurwala 2014-06-04 04:51:33 EDT
Statement:

(none)
Comment 10 Huzaifa S. Sidhpurwala 2014-06-05 07:32:26 EDT
Fixed upstream in OpenSSL 1.0.1h, 1.0.0m and 0.9.8za.

External References:

https://www.openssl.org/news/secadv_20140605.txt
Comment 12 errata-xmlrpc 2014-06-05 07:54:11 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2014:0625 https://rhn.redhat.com/errata/RHSA-2014-0625.html
Comment 13 Huzaifa S. Sidhpurwala 2014-06-05 08:13:32 EDT
Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1096233]
Comment 14 Huzaifa S. Sidhpurwala 2014-06-05 08:13:38 EDT
Created mingw-openssl tracking bugs for this issue:

Affects: fedora-all [bug 1096234]
Comment 15 errata-xmlrpc 2014-06-05 08:16:01 EDT
This issue has been addressed in the following products:

  Red Hat Storage 2.1

Via RHSA-2014:0628 https://rhn.redhat.com/errata/RHSA-2014-0628.html
Comment 16 Fedora Update System 2014-06-05 17:53:57 EDT
openssl-1.0.1e-38.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
Comment 17 Fedora Update System 2014-06-05 17:54:53 EDT
openssl-1.0.1e-38.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
Comment 18 errata-xmlrpc 2014-06-10 08:28:22 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2014:0679 https://rhn.redhat.com/errata/RHSA-2014-0679.html
Comment 19 Prabhakar Pujeri 2014-06-11 03:44:32 EDT
Is there an erratum for RHEL 5.9?
Comment 20 Tomas Hoger 2014-06-11 04:27:41 EDT
(In reply to Prabhakar Pujeri from comment #19)
> Is there an erratum for RHEL 5.9?

Please direct this question to Red Hat Support:
https://access.redhat.com/site/support
Comment 23 Martin Prpič 2014-08-06 04:02:27 EDT
IssueDescription:

A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash.
Comment 28 errata-xmlrpc 2014-08-06 10:53:02 EDT
This issue has been addressed in the following products:

  JBoss Enterprise Application Platform 6.3.0

Via RHSA-2014:1021 https://rhn.redhat.com/errata/RHSA-2014-1021.html
Comment 30 Tomas Hoger 2014-08-07 14:39:07 EDT
Created mingw32-openssl tracking bugs for this issue:

Affects: epel-5 [bug 1127888]
Comment 31 errata-xmlrpc 2014-08-13 14:19:00 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5

Via RHSA-2014:1053 https://rhn.redhat.com/errata/RHSA-2014-1053.html
Comment 32 errata-xmlrpc 2014-08-21 11:32:37 EDT
This issue has been addressed in the following products:

  JBoss Web Server 2.1.0

Via RHSA-2014:1086 https://rhn.redhat.com/errata/RHSA-2014-1086.html