Bug 705187 (CVE-2011-1923) - CVE-2011-1923 polarssl: man-in-the-middle during Diffie Hellman key exchange
Summary: CVE-2011-1923 polarssl: man-in-the-middle during Diffie Hellman key exchange
Alias: CVE-2011-1923
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 705188
Reported: 2011-05-16 21:57 UTC by Vincent Danen
Modified: 2019-09-29 12:45 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2011-05-20 15:54:50 UTC


Description Vincent Danen 2011-05-16 21:57:50 UTC
PolarSSL security advisory 2011-01 [1] indicates that it is possible for an attacker to perform a man-in-the-middle attack during the Diffie Hellman key exchange, forcing the calculation of a fully predictable Diffie Hellman secret.

The upstream advisory has a patch, and this is also corrected in version 0.14.2.

[1] http://polarssl.org/trac/wiki/SecurityAdvisory201101
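The following is an added illustration of the attack class the advisory describes, not code from PolarSSL or from this bug's participants. It assumes the usual way a "fully predictable" Diffie-Hellman secret is forced: an in-path attacker replaces one side's public value Y with a degenerate value (0, 1 or p-1), so that the other side's Y^x mod p no longer depends on its private exponent x. The function names (dh_check_public, dh_shared_secret, secret_is_predictable) and the toy 31-bit prime are hypothetical; a real implementation applies the same range check to bignums before calling the shared-secret routine.

```c
#include <stdint.h>
#include <stdio.h>

/* Square-and-multiply modular exponentiation. Only valid for mod < 2^32,
 * so every intermediate product fits in 64 bits (toy-sized, for illustration). */
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t mod) {
    uint64_t result = 1 % mod;
    base %= mod;
    while (exp) {
        if (exp & 1) result = (result * base) % mod;
        base = (base * base) % mod;
        exp >>= 1;
    }
    return result;
}

/* Hypothetical peer-public-value sanity check (assumed, not PolarSSL's dhm_verifypub):
 * reject Y <= 1 and Y >= p-1.  Y = 0 gives secret 0, Y = 1 gives secret 1,
 * Y = p-1 gives +/-1, and Y >= p is out of range.  Returns 0 if acceptable, -1 otherwise. */
int dh_check_public(uint64_t p, uint64_t y) {
    if (y <= 1) return -1;
    if (y >= p - 1) return -1;
    return 0;
}

/* Shared secret Y^x mod p that a peer holding private exponent x would derive
 * from the (possibly attacker-supplied) public value Y. */
uint64_t dh_shared_secret(uint64_t p, uint64_t y, uint64_t x) {
    return modpow(y, x, p);
}

/* Returns 1 if the public value y yields at most two distinct secrets across a
 * range of private exponents, i.e. the secret is predictable without knowing x. */
int secret_is_predictable(uint64_t p, uint64_t y) {
    uint64_t seen[3];
    int n = 0;
    for (uint64_t x = 2; x < 50; x++) {
        uint64_t s = dh_shared_secret(p, y, x);
        int known = 0;
        for (int i = 0; i < n; i++) {
            if (seen[i] == s) { known = 1; break; }
        }
        if (!known) {
            if (n == 2) return 0;   /* third distinct value: not predictable */
            seen[n++] = s;
        }
    }
    return 1;
}

int main(void) {
    /* Constructed toy parameters: p = 2^31 - 1 (prime), generator 7. */
    const uint64_t p = 2147483647ULL, g = 7;
    const uint64_t honest_y = modpow(g, 12345, p);     /* a legitimate peer value */
    const uint64_t forced[] = { 0, 1, p - 1 };

    printf("honest Y: check=%d predictable=%d\n",
           dh_check_public(p, honest_y), secret_is_predictable(p, honest_y));
    for (int i = 0; i < 3; i++) {
        printf("forced Y=%llu: check=%d predictable=%d secret(x=12345)=%llu\n",
               (unsigned long long)forced[i],
               dh_check_public(p, forced[i]),
               secret_is_predictable(p, forced[i]),
               (unsigned long long)dh_shared_secret(p, forced[i], 12345));
    }
    return 0;
}
```

The point the check makes concrete: without a range test on the received public value, the secret derived from Y in {0, 1, p-1} is known to the attacker regardless of the victim's private exponent, so the attacker can complete the handshake on both sides; with the test, those values are refused before any secret is computed.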

Comment 1 Vincent Danen 2011-05-16 22:00:04 UTC
Created polarssl tracking bugs for this issue

Affects: fedora-all [bug 705188]

Comment 2 Mads Kiilerich 2011-05-16 22:26:20 UTC
I am quite sure this is the bug in 0.14.0 that was fixed in 0.14.1 (which included a change that was slightly different from the one in the advisory and was named dhm_verifypub).

Vincent, do you think anything else remains to be done?

I will update to 0.14.2 ASAP but as an ordinary update.

Comment 3 Vincent Danen 2011-05-17 14:32:12 UTC
The upstream advisory is a bit confusing.  It does indeed say 0.14.0 and earlier is vulnerable, has the patch applicable to 0.14.0, but says to upgrade to 0.14.2.  It doesn't mention 0.14.1 at all.  I'm not sure what that means.

If the patch in question was applied to 0.14.1 (unstable release perhaps?) and that is what we currently provide, then I'm ok with it being a normal update.  Was the only difference that they changed the function name from 0.14.1 to 0.14.2?


Comment 4 Vincent Danen 2011-05-17 23:42:17 UTC
This was assigned CVE-2011-1923.

Comment 5 Mads Kiilerich 2011-05-18 08:47:16 UTC
http://polarssl.org/news says about 0.14.2:
The original releases that included the security fix (0.14.1 and 0.99-pre2) have been revoked due to possible copyright issues.

Comment 6 Vincent Danen 2011-05-20 15:54:50 UTC
Ahhh, thanks for that confirmation.  I'll close these bugs then as they've been dealt with and are current in Fedora now (the fixed 0.14.1).  Thanks!
