Bug 1416852 (CVE-2017-3731) - CVE-2017-3731 openssl: Truncated packet could crash via OOB read
Summary: CVE-2017-3731 openssl: Truncated packet could crash via OOB read
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2017-3731
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1416864 1416865 1416866 1416867 1417552 1418964 1418965 1418966 1420893 1420894
Blocks: 1416858
TreeView+ depends on / blocked
 
Reported: 2017-01-26 15:35 UTC by Andrej Nemec
Modified: 2021-02-17 02:42 UTC (History)
57 users (show)

Fixed In Version: openssl 1.0.2k, openssl 1.1.0d
Doc Type: If docs needed, set a value
Doc Text:
An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite.
Clone Of:
Environment:
Last Closed: 2019-06-08 03:06:24 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:0286 0 normal SHIPPED_LIVE Moderate: openssl security update 2017-02-20 15:56:13 UTC
Red Hat Product Errata RHSA-2018:2185 0 None None None 2018-07-12 16:17:21 UTC
Red Hat Product Errata RHSA-2018:2186 0 None None None 2018-07-12 16:15:20 UTC
Red Hat Product Errata RHSA-2018:2187 0 None None None 2018-07-12 16:05:43 UTC

Description Andrej Nemec 2017-01-26 15:35:26 UTC 
If an SSL/TLS server or client is running on a 32-bit host, and a specific
cipher is being used, then a truncated packet can cause that server or client
to perform an out-of-bounds read, usually resulting in a crash.

For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have
not disabled that algorithm should update to 1.0.2k

External References:

https://www.openssl.org/news/secadv/20170126.txt
Comment 1 Tomas Hoger 2017-01-26 15:55:36 UTC 
Upstream commits:

https://git.openssl.org/?p=openssl.git;a=commitdiff;h=2198b3a55de681e1f3c23edb0586afe13f438051
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=8e20499629b6bcf868d0072c7011e590b5c2294d
Comment 2 Andrej Nemec 2017-01-26 16:07:37 UTC 
Created openssl101e tracking bugs for this issue:

Affects: epel-5 [bug 1416866]
Comment 3 Andrej Nemec 2017-01-26 16:08:01 UTC 
Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1416864]
Comment 4 Andrej Nemec 2017-01-26 16:08:24 UTC 
Created mingw-openssl tracking bugs for this issue:

Affects: fedora-all [bug 1416865]
Affects: epel-7 [bug 1416867]
Comment 9 Tomas Mraz 2017-01-30 10:23:14 UTC 
Also note that for 1.0.1e the upstream fix is insufficient - the check for return value from EVP_CTRL_AEAD_TLS1_AAD has to be added in t1_enc.c.
Comment 10 Tomas Hoger 2017-01-30 10:58:34 UTC 
(In reply to Tomas Mraz from comment #9)
> Also note that for 1.0.1e the upstream fix is insufficient - the check for
> return value from EVP_CTRL_AEAD_TLS1_AAD has to be added in t1_enc.c.

This was added upstream as part of this commit:

https://git.openssl.org/?p=openssl.git;a=commitdiff;h=1a3701f4fe0530a40ec073cd78d02cfcc26c0f8e#patch7
Comment 14 Tomas Hoger 2017-01-31 10:32:55 UTC 
The root cause here is integer underflow, which leads to out of bounds read, possibly resulting in crash.

Upstream advisory lists the following affected use cases:

- When CHACHA20/POLY1305 cipher suites are used.  Those are not supported by openssl packages as shipped with current versions of Red Hat products.

- When RC4-MD5 cipher suite is used.  This cipher is supported and enabled by default.  Problem can be mitigated by disabling this cipher in configuration of an application using OpenSSL (if the application allows that).
Comment 20 errata-xmlrpc 2017-02-20 10:56:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6
  Red Hat Enterprise Linux 7

Via RHSA-2017:0286 https://rhn.redhat.com/errata/RHSA-2017-0286.html
Comment 21 errata-xmlrpc 2018-07-12 16:05:20 UTC 
This issue has been addressed in the following products:

  Red Hat JBoss Core Services

Via RHSA-2018:2187 https://access.redhat.com/errata/RHSA-2018:2187
Comment 22 errata-xmlrpc 2018-07-12 16:14:56 UTC 
This issue has been addressed in the following products:

  JBoss Core Services on RHEL 6

Via RHSA-2018:2186 https://access.redhat.com/errata/RHSA-2018:2186
Comment 23 errata-xmlrpc 2018-07-12 16:17:00 UTC 
This issue has been addressed in the following products:

  JBoss Core Services on RHEL 7

Via RHSA-2018:2185 https://access.redhat.com/errata/RHSA-2018:2185
Note You need to log in before you can comment on or make changes to this bug.