Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1421695 - (CVE-2017-3733) CVE-2017-3733 openssl: Encrypt-Then-Mac renegotiation crash
CVE-2017-3733 openssl: Encrypt-Then-Mac renegotiation crash
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
impact=important,public=20170216,repo...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-02-13 08:12 EST by Martin Prpič
Modified: 2017-02-17 06:35 EST (History)
2 users (show)

See Also:
Fixed In Version: openssl 1.1.0e
Doc Type: If docs needed, set a value
Doc Text:
It was found that changing the ciphersuite during a renegotiation of the Encrypt-Then-Mac extension could result in a crash of the OpenSSL server or client.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-02-13 08:14:32 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
CVE-2017-3733 patch (34.65 KB, text/plain)
2017-02-13 08:13 EST, Martin Prpič 		no flags Details
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Martin Prpič 2017-02-13 08:12:40 EST 
The following flaw was reported by OpenSSL upstream:

During a renegotiation handshake if the Encrypt-Then-Mac (ETM) extension is negotiated where it was not in the original handshake (or vice-versa) then this
can cause OpenSSL to crash (dependant on ciphersuite). Both clients and servers are affected.

The problem was caused by changing the flag indicating whether to use ETM or not immediately on negotiation of ETM, rather than at CCS. Therefore, during a renegotiation, if the ETM state is changing (usually due to a change of ciphersuite), then an error/crash will occur. Due to the fact that there are separate CCS messages for read and write we actually now need two flags to determine whether to use ETM or not.

This issue affects OpenSSL 1.1.0 only, and is fixed in 1.1.0e. This issue does not affect OpenSSL version 1.0.2.
Comment 1 Martin Prpič 2017-02-13 08:12:45 EST 
External References:

https://www.openssl.org/news/secadv/20170216.txt
Comment 2 Martin Prpič 2017-02-13 08:12:47 EST 
Acknowledgments:

Name: the OpenSSL project
Upstream: Joe Orton (Red Hat)
Comment 3 Martin Prpič 2017-02-13 08:13 EST 
Created attachment 1249850 [details]
CVE-2017-3733 patch
Comment 4 Andrej Nemec 2017-02-16 08:53:34 EST 
Public via:

https://www.openssl.org/news/vulnerabilities.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.