Bug 1752100 (CVE-2019-1563) - CVE-2019-1563 openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey
Summary: CVE-2019-1563 openssl: information disclosure in PKCS7_dataDecode and CMS_dec...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-1563
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1752101 1752102 1752103 1752338 1752339 1752340 1752341
Blocks: 1752105
TreeView+ depends on / blocked
 
Reported: 2019-09-13 17:14 UTC by Dhananjay Arunesh
Modified: 2021-02-16 21:23 UTC (History)
47 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-04-06 22:32:08 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2020:1336 0 None None None 2020-04-06 19:10:22 UTC
Red Hat Product Errata RHSA-2020:1337 0 None None None 2020-04-06 19:27:12 UTC
Red Hat Product Errata RHSA-2020:1840 0 None None None 2020-04-28 15:58:36 UTC

Description Dhananjay Arunesh 2019-09-13 17:14:07 UTC
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key, using a Bleichenbacher padding oracle attack. Applications are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

Reference:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=08229ad838c50f644d7e928e2eef147b4308ad64
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=631f94db0065c78181ca9ba5546ebc8bb3884b97
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e21f8cf78a125cd3c8c0d1a1a6c8bb0b901f893f
https://seclists.org/bugtraq/2019/Sep/25
https://www.openssl.org/news/secadv/20190910.txt

Comment 1 Dhananjay Arunesh 2019-09-13 17:14:53 UTC
Created mingw-openssl tracking bugs for this issue:

Affects: epel-7 [bug 1752101]
Affects: fedora-all [bug 1752103]


Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1752102]

Comment 5 Kunjan Rathod 2019-11-14 23:05:57 UTC
This vulnerability is out of security support scope for the following products:
 * Red Hat Enterprise Application Platform 6
 * Red Hat Enterprise Application Platform 5
 * Red Hat JBoss Enterprise Web Server 2
 * Red Hat JBoss Web Server 3



Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.

Comment 7 Laurie Morse 2020-03-04 21:09:26 UTC
This keeps coming up with our services teams needing the fixed versions of OpenSSL.  There are several CVEs that are involved ...
CVE-2019-1547 - Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).
CVE-2019-1549 - Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c).
CVE-2019-1551 - Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).
CVE-2019-1563 - Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

Our images installed with OpenSSL show the following ...
Based on registry.access.redhat.com/ubi7/ubi-minimal - Need OpenSSL 1.0.2t or 1.0.2u-dev in ubi-7/x86_64 Red Hat Universal Base Image 7 Server (RPMs)
[root@4c866ac08b81 /]# openssl version
OpenSSL 1.0.2k-fips  26 Jan 2017
Based on registry.access.redhat.com/ubi8/ubi-minimal - Need OpenSSL 1.1.1d or 1.1.1e-dev in ubi-8-baseos Red Hat Universal Base Image 8 (RPMs) - BaseOS
[root@6ad506124398 /]# openssl version
OpenSSL 1.1.1c FIPS  28 May 2019

Having these upgrades will solve a lot of these issues for us.  When can we expect the OpenSSL packages upgraded?

Comment 9 Laurie Morse 2020-03-23 15:59:18 UTC
There are many teams needing to use these images and are reporting these vulnerabilities.  They require the upgraded images.  When can we expect the OpenSSL packages upgraded?

Comment 10 Huzaifa S. Sidhpurwala 2020-03-25 10:49:17 UTC
Mitigation:

This attack is carried out by sending a large number of messages to be decrypted by the victim. The attacker needs to receive a response from the victim if the decryption was successful or not. Therefore only if the user application compiled with openssl is designed above way, the attack will be viable.
Only CMS_decrypt and PKCS7_decrypt functions are affected. Applications compiled with openssl are not affected if they use a certificate together with the private RSA key to the CMS_decrypt or PKCS7_decrypt functions to select the correct recipient info to decrypt.

Comment 11 Laurie Morse 2020-03-25 16:12:21 UTC
Our teams are dependent on the upgraded version of openssl to pass vulnerability scans for our products. We cannot workaround this. When can we expect the OpenSSL packages upgraded in UBI8?

Comment 12 Clifford Perry 2020-03-31 09:50:06 UTC
(In reply to Laurie Morse from comment #11)
> Our teams are dependent on the upgraded version of openssl to pass
> vulnerability scans for our products. We cannot workaround this. When can we
> expect the OpenSSL packages upgraded in UBI8?

Hi - can you please open a support ticket for this inquiry. Our UBI images are updated automatically - after a general RHSA (Security Errata) has been released into the RHEL channel as RPM content. 
Regards,
Cliff

Comment 13 Laurie Morse 2020-03-31 17:29:05 UTC
I have opened Case 02620079 - UBI8: ubi8/ubi-minimal missing critical update for OpenSSL CVEs ...
https://access.redhat.com/support/cases/#/case/02620079

Comment 14 errata-xmlrpc 2020-04-06 19:10:19 UTC
This issue has been addressed in the following products:

  JBoss Core Services Apache HTTP Server 2.4.37 SP2

Via RHSA-2020:1336 https://access.redhat.com/errata/RHSA-2020:1336

Comment 15 errata-xmlrpc 2020-04-06 19:27:09 UTC
This issue has been addressed in the following products:

  JBoss Core Services on RHEL 6
  JBoss Core Services on RHEL 7

Via RHSA-2020:1337 https://access.redhat.com/errata/RHSA-2020:1337

Comment 16 Product Security DevOps Team 2020-04-06 22:32:08 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2019-1563

Comment 17 errata-xmlrpc 2020-04-28 15:58:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:1840 https://access.redhat.com/errata/RHSA-2020:1840

Comment 18 Fedora Update System 2020-05-29 00:57:08 UTC
FEDORA-EPEL-2020-ff94ccbdec has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.