Bug 1577909 (CVE-2017-17689) - CVE-2017-17689 S/MIME: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails
Summary: CVE-2017-17689 S/MIME: CBC gadget attacks allows to exfiltrate plaintext out ...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2017-17689
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1577915 1577910 1577911 1577912 1577913 1577914 1577916 1577917 1577918
Blocks: 1577878
TreeView+ depends on / blocked
 
Reported: 2018-05-14 12:19 UTC by Adam Mariš
Modified: 2021-02-17 00:19 UTC (History)
16 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-10 10:22:52 UTC
Embargoed:

Attachments (Terms of Use)

Description Adam Mariš 2018-05-14 12:19:15 UTC 
Vulnerabilities in S/MIME specification can be abused by so-called CBC gadget attacks to exfiltrate the plaintext from encrypted email. Attacker having access to encrypted emails of a victim can modify them to inject an image tag into them and create a single encrypted body part that exfiltrates its own plaintext when the victim opens the attacker email.

External References:

https://efail.de/
Comment 1 Adam Mariš 2018-05-14 12:23:15 UTC 
Created evolution tracking bugs for this issue:

Affects: fedora-all [bug 1577910]


Created kmail tracking bugs for this issue:

Affects: fedora-all [bug 1577911]


Created thunderbird tracking bugs for this issue:

Affects: fedora-all [bug 1577914]


Created thunderbird-enigmail tracking bugs for this issue:

Affects: epel-7 [bug 1577917]
Affects: fedora-all [bug 1577912]


Created trojita tracking bugs for this issue:

Affects: epel-7 [bug 1577915]
Affects: fedora-all [bug 1577913]
Comment 3 Tomas Hoger 2018-05-23 09:23:07 UTC 
Apparently, Mozilla Thunderbird addressed this in 52.8 using their own CVE-2018-5184 (bug 1580236):

https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184

Mozilla upstream bug:

https://bugzilla.mozilla.org/show_bug.cgi?id=1411592

remains non-public, but it's the same id as is listed on the efail.de page.

Mozilla advisory also acknowledges authors of the efail.de paper as original reporters.
Comment 4 Tomas Hoger 2018-05-23 09:27:26 UTC 
There are actually multiple related CVEs in the MFSA 2018-13 advisory:

CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext attack
https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184

CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162

CVE-2018-5185: Leaking plaintext through HTML forms
https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185
Comment 5 Milan Crha 2018-05-23 10:56:40 UTC 
(In reply to Tomas Hoger from comment #4)
> CVE-2018-5184: Full plaintext recovery in S/MIME via chosen-ciphertext attack
> https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5184

https://hg.mozilla.org/releases/comm-esr52/rev/886b0e10bafa

> CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
> https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162

https://hg.mozilla.org/releases/comm-esr52/rev/eec7161f761f

reverted later, the log:
https://hg.mozilla.org/releases/comm-esr52/log?rev=1457721

> CVE-2018-5185: Leaking plaintext through HTML forms
> https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5185

https://hg.mozilla.org/releases/comm-esr52/rev/2ebcd2081d70

Nothing from the above touches NSS, thus not usable for evolution-data-server. They also make sure that the data won't leak through HTTP channels, which is not a problem in evolution-data-server.
Comment 7 Huzaifa S. Sidhpurwala 2018-08-23 06:49:57 UTC 
Mitigation:

The easiest way to mitigate this vulnerability is not to use HTML emails. If you really need to use them ensure that MUA clients disable external links embedded in HTML emails. For example in thunderbird email client, Edit->Preferences->Privacy->Disable "Allow remote content in messages".
Comment 8 Huzaifa S. Sidhpurwala 2018-08-23 08:20:07 UTC 
This issue was address in the version of Mozilla thunderbird shipped with Red Hat Enterprise Linux 6 and 7 via security advisories RHSA-2018:1725 and RHSA-2018:1726 respectively.
Comment 9 Doran Moppert 2018-08-24 02:19:04 UTC 
CVE-2018-5162 was this particular attack in Thunderbird, and it was resolved in 52.8.

In reply to comment 5:
> (In reply to Tomas Hoger from comment #4)
> > CVE-2018-5162: Encrypted mail leaks plaintext through src attribute
> > https://www.mozilla.org/en-US/security/advisories/mfsa2018-13/#CVE-2018-5162
> 
> https://hg.mozilla.org/releases/comm-esr52/rev/eec7161f761f
> 
> reverted later, the log:
> https://hg.mozilla.org/releases/comm-esr52/log?rev=1457721

Replaced with:

https://hg.mozilla.org/releases/comm-esr52/rev/6eca16d60d90
Comment 10 Doran Moppert 2018-08-24 02:19:19 UTC 
Statement:

The research paper talks about use of HTML as a back channel to create an oracle for modified encrypted emails. HTML emails which use external links like "<img href="tla.org/TAG"/>" can cause security issues if they are honored by the MUAs. Due to flaws in MIME parsers many MUAs seem to concatenate decrypted HTML mine parts which makes it easy to plan such snippets in HTML emails. Please refer to https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html about how GnuPG can mitigate this flaw.

For Thunderbird, this vulnerability was known as CVE-2018-5162 and resolved in 52.8.
Comment 11 Huzaifa S. Sidhpurwala 2019-05-29 05:33:18 UTC 
Note:

Further investigation suggests that evolution-data-server package may not be affected by this flaw as per: https://bugzilla.redhat.com/show_bug.cgi?id=1577910#c3
Note You need to log in before you can comment on or make changes to this bug.