Bug 1330264 – CVE-2016-3704 pulp: Unsafe use of bash $RANDOM for NSS DB password and seed

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 1330264 - (CVE-2016-3704) CVE-2016-3704 pulp: Unsafe use of bash $RANDOM for NSS DB password and seed

Summary:	CVE-2016-3704 pulp: Unsafe use of bash $RANDOM for NSS DB password and seed

Status:	POST

Aliases:	CVE-2016-3704

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=moderate,public=20160425,repor...
Keywords:	Security

Depends On:	1330283 1369890 1399327
Blocks:	1330273 1432305
	Show dependency tree / graph

Reported:	2016-04-25 14:33 EDT by Kurt Seifried
Modified:	2018-09-19 11:16 EDT (History)
CC List:	15 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Pulp makes unsafe use of Bash's $RANDOM to generate a NSS DB password and seed resulting in insufficient randomness. An attacker could potentially guess the seed used given enough time and compute resources.
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Pulp Redmine	1858	Normal	CLOSED - CURRENTRELEASE	CVE-2016-3704: Unsafe use of bash $RANDOM for NSS DB password and seed	2016-06-27 13:01 EDT
Red Hat Product Errata	RHSA-2018:0336	normal	SHIPPED_LIVE	Important: Satellite 6.3 security, bug fix, and enhancement update	2018-02-21 17:43:42 EST

Groups: None (edit)

Description Kurt Seifried 2016-04-25 14:33:55 EDT

Randy Barlow of Red Hat reports:


In working on another security issue in this same script, I noticed that 
Pulp's pulp-qpid-ssl-cfg script uses bash's $RANDOM in unsafe ways. One 
of them is already being fixed as part of another CVE (the TMP directory 
is unsafe, CVE-2016-3696), but the other two uses are:

0) The default NSS DB password is a single value from $RANDOM, 
limiting it to the strings from 0 to 32768:

https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L25 [Open URL]

1) The certutil -z flag receives a "noise file". The script uses $RANDOM to 
populate a file with numbers to generate this file:

https://github.com/pulp/pulp/blob/pulp-2.8.2-1/server/bin/pulp-qpid-ssl-cfg#L97-L105 [Open URL]

Since $RANDOM is used in this way, the seed file ends up having low 
diversity since only 11 possibly bytes appear in the file: 0-9 and newline.

I know that I can use pwgen to fix #0, but I'm not sure we want to depend 
on pwgen. One possibility is to avoid having a default password and force 
the user to provide one. Do you have a suggestion on a good way to 
make a password?

For #1 I will just grab 8 kB from /dev/urandom and call it a day.

Comment 1 Kurt Seifried 2016-04-25 14:34:07 EDT

Acknowledgments:

Name: Randy Barlow (RedHat)

Comment 3 pulp-infra@redhat.com 2016-04-25 15:14:32 EDT

The Pulp upstream bug status is at ASSIGNED. Updating the external tracker on this bug.

Comment 4 pulp-infra@redhat.com 2016-04-25 15:14:38 EDT

The Pulp upstream bug priority is at Normal. Updating the external tracker on this bug.

Comment 5 pulp-infra@redhat.com 2016-04-25 17:33:38 EDT

The Pulp upstream bug status is at POST. Updating the external tracker on this bug.

Comment 6 pulp-infra@redhat.com 2016-05-03 15:00:41 EDT

The Pulp upstream bug status is at MODIFIED. Updating the external tracker on this bug.

Comment 7 pulp-infra@redhat.com 2016-05-26 16:30:48 EDT

The Pulp upstream bug status is at ON_QA. Updating the external tracker on this bug.

Comment 8 pulp-infra@redhat.com 2016-05-31 13:30:41 EDT

The Pulp upstream bug status is at MODIFIED. Updating the external tracker on this bug.

Comment 9 pulp-infra@redhat.com 2016-06-17 13:30:44 EDT

The Pulp upstream bug status is at ON_QA. Updating the external tracker on this bug.

Comment 10 pulp-infra@redhat.com 2016-06-27 13:01:03 EDT

The Pulp upstream bug status is at CLOSED - CURRENTRELEASE. Updating the external tracker on this bug.

Comment 11 Fedora Update System 2016-08-16 15:24:32 EDT

pulp-2.8.6-1.fc24, pulp-docker-2.0.2-1.fc24, pulp-ostree-1.1.2-1.fc24, pulp-puppet-2.8.6-2.fc24, pulp-python-1.1.2-1.fc24, pulp-rpm-2.8.6-2.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.

Comment 13 pulp-infra@redhat.com 2016-11-21 16:02:07 EST

All upstream Pulp bugs are at MODIFIED+. Moving this bug to POST.

Comment 16 pulp-infra@redhat.com 2018-02-21 03:35:42 EST

All upstream Pulp bugs are at MODIFIED+. Moving this bug to POST.

Comment 17 errata-xmlrpc 2018-02-21 07:26:47 EST

This issue has been addressed in the following products:

  Red Hat Satellite 6.3 for RHEL 7

Via RHSA-2018:0336 https://access.redhat.com/errata/RHSA-2018:0336

Note You need to log in before you can comment on or make changes to this bug.