Bug 1456030 (CVE-2017-7509) - CVE-2017-7509 certificate system 8: Enrolling certificate without certreq field causes CA to crash
Summary: CVE-2017-7509 certificate system 8: Enrolling certificate without certreq fie...
Alias: CVE-2017-7509
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 1450191 1471974
Blocks: 1451464
TreeView+ depends on / blocked
Reported: 2017-05-26 18:36 UTC by Kurt Seifried
Modified: 2021-10-21 11:53 UTC (History)
5 users (show)

Fixed In Version: pki-common-8.1.20-1.el5pki
Doc Type: Bug Fix
Doc Text:
An input validation error was found in Red Hat Certificate System's handling of client provided certificates. If the certreq field is not present in a certificate an assertion error is triggered causing a denial of service.
Clone Of:
Last Closed: 2021-10-21 11:53:58 UTC

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:2560 0 normal SHIPPED_LIVE Moderate: Red Hat Certificate System 8 security, bug fix, and enhancement update 2017-08-30 19:04:19 UTC

Description Kurt Seifried 2017-05-26 18:36:17 UTC
When submitting for certificate enrollment, Google Chrome cuts off the certreq field in the submission. This causes a null pointer exception that causes the CA to crash. This can also be reproduced using Firefox by directly passing the request to the servelet without the certreq field.

Comment 7 Matthew Harmsen 2017-07-31 17:44:46 UTC
Moved back to NEW since this is a CVE.

Comment 9 errata-xmlrpc 2017-08-30 15:06:11 UTC
This issue has been addressed in the following products:

  Red Hat Certificate System 8 with Advanced Access

Via RHSA-2017:2560 https://access.redhat.com/errata/RHSA-2017:2560

Note You need to log in before you can comment on or make changes to this bug.