Bug 1520400 (CVE-2017-1000385) - CVE-2017-1000385 erlang: TLS server vulnerable to Adaptive Chosen Ciphertext attack allowing plaintext recovery or MITM attack
Summary: CVE-2017-1000385 erlang: TLS server vulnerable to Adaptive Chosen Ciphertext ...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2017-1000385
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1520401 1525246 1525247 1525248 1525249 1526524 1526525
Blocks: 1520468
TreeView+ depends on / blocked
 
Reported: 2017-12-04 12:35 UTC by Adam Mariš
Modified: 2021-02-17 01:10 UTC (History)
32 users (show)

Fixed In Version: erlang 20.1.7
Doc Type: If docs needed, set a value
Doc Text:
An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA. This may result in plain-text recovery of encrypted messages and/or a man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server’s private key itself.
Clone Of:
Environment:
Last Closed: 2019-06-08 03:32:39 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:0242 0 normal SHIPPED_LIVE Low: erlang security update 2018-01-31 00:52:40 UTC
Red Hat Product Errata RHSA-2018:0303 0 normal SHIPPED_LIVE Low: erlang security and bug fix update 2018-02-14 00:20:25 UTC
Red Hat Product Errata RHSA-2018:0368 0 normal SHIPPED_LIVE Low: erlang security update 2018-02-27 21:23:01 UTC
Red Hat Product Errata RHSA-2018:0528 0 None None None 2018-03-15 12:34:44 UTC

Description Adam Mariš 2017-12-04 12:35:00 UTC 
An erlang TLS server configured with cipher suites using rsa key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server’s private key itself.

References:

https://groups.google.com/forum/#!topic/erlang-programming/J0LH-j6fRlM
Comment 1 Adam Mariš 2017-12-04 12:35:19 UTC 
Created erlang tracking bugs for this issue:

Affects: fedora-all [bug 1520401]
Comment 5 Gabriel Rocha 2017-12-13 09:48:41 UTC 
This is not high touch. As per IRC discussion earlier with Garth, making this high touch adds no value to anything.
Comment 8 errata-xmlrpc 2018-01-30 19:53:33 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 12.0 (Pike)

Via RHSA-2018:0242 https://access.redhat.com/errata/RHSA-2018:0242
Comment 9 errata-xmlrpc 2018-02-13 16:14:32 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 11.0 (Ocata)

Via RHSA-2018:0303 https://access.redhat.com/errata/RHSA-2018:0303
Comment 10 errata-xmlrpc 2018-02-27 16:22:37 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 10.0 (Newton)

Via RHSA-2018:0368 https://access.redhat.com/errata/RHSA-2018:0368
Comment 11 errata-xmlrpc 2018-03-15 12:34:29 UTC 
This issue has been addressed in the following products:

  Red Hat OpenStack Platform 9.0 (Mitaka)

Via RHSA-2018:0528 https://access.redhat.com/errata/RHSA-2018:0528
Comment 12 Kurt Seifried 2018-03-20 18:28:31 UTC 
Statement:

This issue affects the versions of erlang as shipped with Red Hat CloudForms 4. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Note You need to log in before you can comment on or make changes to this bug.