It was found that TLS implementation iPXE is vulnerable to timing attacks when processing TLS records allowing attacker to leak the information whether integrity check failed or succeeded. In tls_split_block(), the code returns early in case the problems with self-consistency of decrypted message arise, returning different error code in different error cases, allowing attacker to leak information either via timimng channel or based on error codes: https://git.ipxe.org/ipxe.git/blob/fbe8c52d0d9cdb3d6f5fe8be8edab54618becc1f:/src/net/tls.c#l2220 In tls_new_ciphertext(), attacker can infer the amount of processed data which is supposed to be secret based on the amount of time it takes to process MACs: https://git.ipxe.org/ipxe.git/blob/fbe8c52d0d9cdb3d6f5fe8be8edab54618becc1f:/src/net/tls.c#l2314
Acknowledgments: Name: Hubert Kario (Red Hat)
same type of vulnerability as CVE-2013-0169 (a.k.a Lucky 13)
Analysis: As Hubert mentioned in comment #3, this is essentially a lucky-13 attack against. The attacker on the same network segment, can at the most decrypt blocks of data, (which also depends on the TLS MAC used) which in a pxe setup should not be very useful to the attacker.
The versions of ipxe in the OpenStack repositories are older than those in RHEL, OpenStack installations should have been consuming these packages from RHEL.
Created ipxe tracking bugs for this issue: Affects: fedora-all [bug 1545493]
Statement: This is essentially CVE-2013-0169 affecting ipxe packages. The maximum impact of this flaw is that the attacker on the same network segment, can decrypt TLS data transmitted between the pxe server and the client. In a pxe setup this does has minimal security impact. This issue affects the versions of ipxe as shipped with Red Hat Satellite version 6 and Red Hat Ceph Storage 1.3. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
(In reply to Cedric Buissart from comment #12) > Statement: > > This is essentially CVE-2013-0169 affecting ipxe packages. The maximum > impact of this flaw is that the attacker on the same network segment, can > decrypt TLS data transmitted between the pxe server and the client. In a pxe > setup this does has minimal security impact. > > This issue affects the versions of ipxe as shipped with Red Hat Satellite > version 6 and Red Hat Ceph Storage 1.3. Red Hat Product Security has rated > this issue as having Moderate security impact. A future update may address > this issue. For additional information, refer to the Issue Severity > Classification: https://access.redhat.com/security/updates/classification/. Apparently this was never fixed upstream... Is there a patch somewhere, or is the fix obfuscated somehow and I don't see it?
I am not aware of any patch fixing it.