Bug 1849734 (CVE-2020-13962) - CVE-2020-13962 qt5: incorrectly calls SSL_shutdown() in OpenSSL mid-handshake causing denial of service in TLS applications
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-13962
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1849735 1849737 1851538
Blocks: 1849738
Reported: 2020-06-22 16:58 UTC by Michael Kaplan
Modified: 2021-02-16 19:48 UTC (History)

Fixed In Version: QT 5.12.9, QT 5.14.3, QT 5.15.0 Beta4
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-11-04 02:26:10 UTC


Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHSA-2020:4690 | 0 | None | None | None | 2020-11-04 03:02:56 UTC

Description Michael Kaplan 2020-06-22 16:58:27 UTC
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt version.)


Upstream Bug:

https://bugreports.qt.io/browse/QTBUG-83450

References:

https://github.com/mumble-voip/mumble/issues/3679
https://github.com/mumble-voip/mumble/pull/4032

Comment 1 Michael Kaplan 2020-06-22 16:58:43 UTC
Created mumble tracking bugs for this issue:

Affects: fedora-all [bug 1849735]

Comment 2 Michael Kaplan 2020-06-22 16:59:41 UTC
Created qt5 tracking bugs for this issue:

Affects: fedora-all [bug 1849737]

Comment 4 Todd Cullum 2020-06-26 21:07:20 UTC
Technical Summary:

qt5-qtbase calls q_SSL_shutdown() in QSslSocketBackendPrivate::destroySslContext() from src/network/ssl/qsslsocket_openssl.cpp without checking that it is not in the middle of an SSL handshake. Calling q_SSL_shutdown() during a handshake creates an OpenSSL error that is not handled by Qt5, and closes connections, even in other QSslSockets.

> Error while reading: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init [20]

The patch introduces a function q_SSL_in_init() to ensure there is no active handshake and checks for any SSL errors before calling q_SSL_shutdown(). This flaw could lead to a denial of service in both the connection that called q_SSL_shutdown() and any other open connections with other clients. In order for an application to be vulnerable, it would need to utilize the SSL/TLS functionality of qt5-qtcore 5.12.2 through 5.14.2.

Upstream patch: https://codereview.qt-project.org/c/qt/qtbase/+/297149
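
The failure mode described in the technical summary above, as an added C++ model that is not part of the bug report, of Qt, or of the upstream patch: a per-thread error queue shared by all sessions, a teardown that calls shutdown mid-handshake, and the guarded teardown beside it. No OpenSSL is linked; `Session`, `modelShutdown`, `modelRead`, `destroyUnguarded`, `destroyGuarded` and `bystanderRead` are hypothetical names, and draining the queue after a failed shutdown is an assumption of the model.

```cpp
// Constructed model, no OpenSSL linked: all names here are hypothetical stand-ins.
#include <cstdio>
#include <deque>
#include <string>

enum class Result { WantRead, Fatal };

// Stand-in for OpenSSL's error queue: one per thread, shared by all sessions on it.
thread_local std::deque<std::string> errorQueue;

struct Session { bool inInit = true; };  // stand-in for SSL_in_init(): handshake unfinished

// Stand-in for SSL_shutdown(): called mid-handshake it fails and queues an error.
int modelShutdown(const Session &s) {
    if (!s.inInit) return 1;
    errorQueue.push_back("SSL_shutdown:shutdown while in init");
    return -1;
}

// Stand-in for an idle read followed by error classification: a non-empty queue is
// reported as a fatal TLS error, whichever session left the entry there.
Result modelRead(const Session &) {
    return errorQueue.empty() ? Result::WantRead : Result::Fatal;
}

// Teardown without a state check, as the summary describes the affected code.
void destroyUnguarded(Session &s) { modelShutdown(s); }

// Teardown with the check the summary describes; draining the queue after a
// failed shutdown is an assumption of this model.
void destroyGuarded(Session &s) {
    if (s.inInit) return;
    if (modelShutdown(s) != 1) errorQueue.clear();
}

// Session A is torn down mid-handshake; established session B then reads.
Result bystanderRead(bool guarded) {
    errorQueue.clear();
    Session a, b;
    b.inInit = false;
    if (guarded) destroyGuarded(a); else destroyUnguarded(a);
    return modelRead(b);
}

int main() {
    std::printf("unguarded: bystander %s\n", bystanderRead(false) == Result::Fatal ? "dropped" : "kept");
    std::printf("guarded:   bystander %s\n", bystanderRead(true) == Result::WantRead ? "kept" : "dropped");
}
```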

Comment 5 Todd Cullum 2020-06-26 21:10:27 UTC
Mitigation:

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Comment 8 Product Security DevOps Team 2020-11-04 02:26:10 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-13962

Comment 9 errata-xmlrpc 2020-11-04 03:02:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:4690 https://access.redhat.com/errata/RHSA-2020:4690

