Bug 1289841 - (CVE-2015-7575, SLOTH) CVE-2015-7575 TLS 1.2 Transcript Collision attacks against MD5 in key exchange protocol (SLOTH)
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: medium, Severity: medium
Assigned To: Red Hat Product Security
impact=moderate,public=20160106,repor...
Keywords: Security
Depends On: 1297310 1289881 1289882 1289883 1289884 1289885 1289886 1289887 1289888 1289889 1289890 1289891 1289892 1296218 1296219 1296221
Blocks: 1289842 1295699 1298491
Reported: 2015-12-09 01:46 EST by Huzaifa S. Sidhpurwala
Modified: 2018-01-30 18:26 EST
Doc Type: Bug Fix
Doc Text:
A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.
Description Huzaifa S. Sidhpurwala 2015-12-09 01:46:45 EST
A new class of transcript collision attacks on the use of MD5 in the key exchange protocol was found in TLS 1.2. Due to several high-profile attacks against MD5, there is now consensus among certification authorities and software vendors to stop issuing and accepting new MD5 certificates. However, MD5 continues to be supported in the key exchange protocol for TLS 1.2 and also in IPSec and SSH-2. An almost-practical impersonation and downgrade attack was demonstrated for IKEv2 and SSH-2 and also a concrete credential forwarding attack against TLS 1.2 client authentication.
Comment 1 Huzaifa S. Sidhpurwala 2015-12-09 01:56:56 EST
It seems openssl already disables RSA+MD5, see:

https://github.com/openssl/openssl/commit/45473632c54947859a731dfe2db087c002ef7aa7
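
Added example (not part of the bug report or of any project's code): a Python check for the condition discussed above, decoding the TLS 1.2 `signature_algorithms` extension (RFC 5246, section 7.4.1.4.1) to flag MD5-based pairs such as RSA+MD5. The function names, the acceptance policy and the sample bytes are assumptions constructed for illustration.

```python
import struct

# SignatureAndHashAlgorithm code points from RFC 5246, section 7.4.1.4.1
HASHES = {0: "none", 1: "md5", 2: "sha1", 3: "sha224",
          4: "sha256", 5: "sha384", 6: "sha512"}
SIGS = {0: "anonymous", 1: "rsa", 2: "dsa", 3: "ecdsa"}
EXT_SIGNATURE_ALGORITHMS = 13

def find_extension(extensions, wanted):
    """Walk a TLS extensions block (outer length removed); return body or None."""
    pos = 0
    while pos < len(extensions):
        if pos + 4 > len(extensions):
            raise ValueError("truncated extension header")
        ext_type, ext_len = struct.unpack("!HH", extensions[pos:pos + 4])
        body = extensions[pos + 4:pos + 4 + ext_len]
        if len(body) != ext_len:
            raise ValueError("truncated extension body")
        if ext_type == wanted:
            return body
        pos += 4 + ext_len
    return None

def offered_algorithms(extensions):
    """Decode signature_algorithms into (hash, signature) name pairs."""
    body = find_extension(extensions, EXT_SIGNATURE_ALGORITHMS)
    if body is None:
        return []  # extension absent: nothing explicitly offered
    if (len(body) < 2 or len(body) % 2
            or struct.unpack("!H", body[:2])[0] != len(body) - 2):
        raise ValueError("malformed signature_algorithms list")
    pairs = body[2:]
    return [(HASHES.get(h, "unknown"), SIGS.get(s, "unknown"))
            for h, s in zip(pairs[0::2], pairs[1::2])]

def md5_offers(extensions):
    """Return the offered pairs whose hash is MD5 (the SLOTH-relevant ones)."""
    return [p for p in offered_algorithms(extensions) if p[0] == "md5"]

def acceptable_signature(offered, used):
    """Assumed policy: the peer's pair must have been offered and must not use MD5."""
    return used in offered and used[0] != "md5"

# Constructed sample: ec_point_formats, then signature_algorithms offering
# sha256/rsa, sha1/rsa and md5/rsa.
SAMPLE_EXTENSIONS = bytes.fromhex("000b00020100" "000d0008" "0006" "040102010101")

if __name__ == "__main__":
    print("MD5 pairs offered:", md5_offers(SAMPLE_EXTENSIONS))
```
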
Comment 19 Huzaifa S. Sidhpurwala 2015-12-10 00:56:19 EST
CVE-2015-7575 has been assigned to this issue.
Comment 24 Martin Prpič 2016-01-06 10:56:42 EST
Created gnutls tracking bugs for this issue:

Affects: fedora-all [bug 1296221]
Comment 25 Martin Prpič 2016-01-06 10:56:52 EST
Created nss tracking bugs for this issue:

Affects: fedora-all [bug 1296219]
Comment 26 Martin Prpič 2016-01-06 10:56:59 EST
Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1296218]
Comment 28 errata-xmlrpc 2016-01-07 12:23:47 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7
  Red Hat Enterprise Linux 6

Via RHSA-2016:0007 https://rhn.redhat.com/errata/RHSA-2016-0007.html
Comment 29 errata-xmlrpc 2016-01-07 20:26:35 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 7

Via RHSA-2016:0012 https://rhn.redhat.com/errata/RHSA-2016-0012.html
Comment 30 errata-xmlrpc 2016-01-07 20:39:32 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 7

Via RHSA-2016:0008 https://rhn.redhat.com/errata/RHSA-2016-0008.html
Comment 32 Tomas Hoger 2016-01-20 09:06:23 EST
OpenJDK 8 upstream commit:

http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/1ad1d1b46fef

For Oracle Java SE, this was corrected in versions 7u95 and 8u71 via Oracle Critical Patch Update - January 2016:

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA
Comment 34 errata-xmlrpc 2016-01-20 14:14:28 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:0050 https://rhn.redhat.com/errata/RHSA-2016-0050.html
Comment 35 errata-xmlrpc 2016-01-20 14:31:53 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2016:0049 https://rhn.redhat.com/errata/RHSA-2016-0049.html
Comment 38 errata-xmlrpc 2016-01-21 06:39:34 EST
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6
  Oracle Java for Red Hat Enterprise Linux 5
  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2016:0056 https://rhn.redhat.com/errata/RHSA-2016-0056.html
Comment 39 errata-xmlrpc 2016-01-21 06:40:51 EST
This issue has been addressed in the following products:

  Oracle Java for Red Hat Enterprise Linux 6
  Oracle Java for Red Hat Enterprise Linux 7

Via RHSA-2016:0055 https://rhn.redhat.com/errata/RHSA-2016-0055.html
Comment 40 errata-xmlrpc 2016-01-21 06:42:11 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:0053 https://rhn.redhat.com/errata/RHSA-2016-0053.html
Comment 41 errata-xmlrpc 2016-01-21 06:58:20 EST
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7
  Red Hat Enterprise Linux 5

Via RHSA-2016:0054 https://rhn.redhat.com/errata/RHSA-2016-0054.html
Comment 43 Fedora Update System 2016-01-23 18:54:36 EST
openssl101e-1.0.1e-6.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
Comment 44 errata-xmlrpc 2016-02-02 05:05:16 EST
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 6
  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2016:0101 https://rhn.redhat.com/errata/RHSA-2016-0101.html
Comment 45 errata-xmlrpc 2016-02-02 05:06:41 EST
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2016:0100 https://rhn.redhat.com/errata/RHSA-2016-0100.html
Comment 46 errata-xmlrpc 2016-02-02 08:39:35 EST
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 7

Via RHSA-2016:0098 https://rhn.redhat.com/errata/RHSA-2016-0098.html
Comment 47 errata-xmlrpc 2016-02-02 08:53:29 EST
This issue has been addressed in the following products:

  Supplementary for Red Hat Enterprise Linux 7
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2016:0099 https://rhn.redhat.com/errata/RHSA-2016-0099.html
Comment 52 errata-xmlrpc 2016-07-18 09:55:42 EDT
This issue has been addressed in the following products:

  Red Hat Satellite 5.6
  Red Hat Satellite 5.7

Via RHSA-2016:1430 https://access.redhat.com/errata/RHSA-2016:1430