Bug 820686 - (CVE-2012-2333) CVE-2012-2333 openssl: record length handling integer underflow
CVE-2012-2333 openssl: record length handling integer underflow
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20120510,repor...
: Security
Depends On: 820693 820694 821646 821647 821648 821649
Blocks: 820691
  Show dependency treegraph
 
Reported: 2012-05-10 13:18 EDT by Tomas Hoger
Modified: 2016-03-04 05:53 EST (History)
8 users (show)

See Also:
Fixed In Version: openssl 0.9.8x, openssl 1.0.0j, openssl 1.0.1c
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-09-25 04:00:32 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tomas Hoger 2012-05-10 13:18:09 EDT
It was discovered that OpenSSL did not properly handle TLS record length values from the received TLS packets.  After subtracting the number of padding bytes from the record length value, it did not check the resulting record length before subtracting the size of explicit IV (initialization vector for CBC encryption modes).  This could result in an integer underflow of the record length value, leading to a buffer over-read and out-of-bounds access.  A remote TLS peer could use this to crash an application using OpenSSL (usually a TLS or DTLS server) by sending a specially TLS packet.

Explicit IV is used in TLS 1.2, 1.1 and DTLS.  The openssl packages in Red Hat Enterprise Linux 3, 4, 5, and 6 only support TLS 1.0 and do not support TLS 1.1 and 1.2 and hence are not affected by the TLS part of this problem.  TLS versions 1.1 and 1.2 support was introduced upstream in OpenSSL version 1.0.1.  That version is currently only available in Fedora Rawhide/18.

The support for DTLS (Datagram Transport Layer Security) is enabled in openssl packages in Red Hat Enterprise Linux 5 and 6 and those versions are affected by the DTLS part of this problem.  Applications using openssl packages in Red Hat Enterprise Linux 5 and 6 to provide TLS/SSL service (such as httpd) are not affected by this issue.

Upstream fix:
http://cvs.openssl.org/chngview?cn=22538 (0.9.8)
http://cvs.openssl.org/chngview?cn=22547 (1.0.1)

This was fixed upstream in versions: 0.9.8x, 1.0.0j and 1.0.1c

Acknowledgement:

Red Hat would like to thank the OpenSSL project for reporting this issue. Upstream acknowledges Codenomicon as the original reporter.
Comment 1 Tomas Hoger 2012-05-10 13:33:23 EDT
External Reference:

http://openssl.org/news/secadv_20120510.txt
Comment 2 Tomas Hoger 2012-05-10 13:35:09 EDT
Created mingw32-openssl tracking bugs for this issue

Affects: fedora-all [bug 820694]
Comment 3 Tomas Hoger 2012-05-10 13:35:13 EDT
Created openssl tracking bugs for this issue

Affects: fedora-all [bug 820693]
Comment 4 Tomas Hoger 2012-05-15 02:44:45 EDT
CERT-FI advisory:
http://www.cert.fi/en/reports/2012/vulnerability641549.html
Comment 7 James Hammett 2012-05-18 03:11:35 EDT
The statement:

Explicit IV is used in TLS 1.2, 1.1 and DTLS.  The openssl packages in Red Hat
Enterprise Linux 3, 4, 5, and 6 only support TLS 1.0 and do not support TLS 1.1
and 1.2 and hence are not affected by the TLS part of this problem.  TLS
versions 1.1 and 1.2 support was introduced upstream in OpenSSL version 1.0.1. 
That version is currently only available in Fedora Rawhide/18.

Could someone update https://access.redhat.com/security/cve/CVE-2012-2333  with this information.
Comment 8 Fedora Update System 2012-05-29 06:32:32 EDT
openssl-1.0.0j-1.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 errata-xmlrpc 2012-05-29 12:58:54 EDT
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6

Via RHSA-2012:0699 https://rhn.redhat.com/errata/RHSA-2012-0699.html
Comment 10 Fedora Update System 2012-06-02 20:00:17 EDT
openssl-1.0.0j-1.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2012-06-02 20:02:16 EDT
openssl-1.0.0j-1.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 12 Tomas Hoger 2012-07-23 09:56:47 EDT
Statement:

This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 3 and 4. The openssl versions in Red Hat Enterprise Linux 5 and 6 were partially affected, as they support DTLS, but they do not support TLS 1.1 and TLS 1.2. This issue was addressed in Red Hat Enterprise Linux 5 and 6 via RHSA-2012:0699.
Comment 13 errata-xmlrpc 2012-09-24 12:02:58 EDT
This issue has been addressed in following products:

  JBoss Enterprise Application Platform 6.0.0

Via RHSA-2012:1308 https://rhn.redhat.com/errata/RHSA-2012-1308.html
Comment 14 errata-xmlrpc 2012-09-24 12:03:55 EDT
This issue has been addressed in following products:

  JBoss Enterprise Application Platform 5.1.2

Via RHSA-2012:1307 https://rhn.redhat.com/errata/RHSA-2012-1307.html
Comment 15 errata-xmlrpc 2012-09-24 12:05:01 EDT
This issue has been addressed in following products:

  JBoss Enterprise Web Server 1.0.2

Via RHSA-2012:1306 https://rhn.redhat.com/errata/RHSA-2012-1306.html

Note You need to log in before you can comment on or make changes to this bug.