Bug 1793071 (CVE-2020-1722) - CVE-2020-1722 ipa: No password length restriction leads to denial of service
Summary: CVE-2020-1722 ipa: No password length restriction leads to denial of service
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-1722
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1802408 1802409 1823621
Blocks: 1780457
TreeView+ depends on / blocked
 
Reported: 2020-01-20 15:47 UTC by Dhananjay Arunesh
Modified: 2021-02-16 20:44 UTC (History)
14 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in IPA. When sending a very long password (>= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed: 2020-09-29 21:59:32 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Fedora Pagure freeipa issue 8268 0 None None None 2020-04-14 07:27:53 UTC
Red Hat Product Errata RHSA-2020:3936 0 None None None 2020-09-29 19:57:54 UTC
Red Hat Product Errata RHSA-2020:4670 0 None None None 2020-11-04 02:50:01 UTC

Description Dhananjay Arunesh 2020-01-20 15:47:11 UTC
A vulnerability was found in IPA, where by sending a very long password (1.000.000 characters) it's possible to cause a denial a service attack on the server. This may lead to the website becoming unavailable or unresponsive. Usually, this problem is caused by a vulnerable password hashing implementation. When a long password is sent, the password hashing process will result in CPU and memory exhaustion.

Comment 14 Huzaifa S. Sidhpurwala 2020-04-14 04:27:03 UTC
Acknowledgments:

Name: Pritam Singh (Red Hat)

Comment 15 Huzaifa S. Sidhpurwala 2020-04-14 04:27:35 UTC
Created freeipa tracking bugs for this issue:

Affects: fedora-all [bug 1823621]

Comment 16 Alexander Bokovoy 2020-04-14 07:27:53 UTC
Link FreeIPA issue 8268 here: https://pagure.io/freeipa/issue/8268 

FreeIPA team agrees with Red Hat Security Response Team assessment that this is a low severity, low priority issue. 
The fix will be merged into FreeIPA upstream but no separate release will be done.

Comment 17 errata-xmlrpc 2020-09-29 19:57:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2020:3936 https://access.redhat.com/errata/RHSA-2020:3936

Comment 18 Product Security DevOps Team 2020-09-29 21:59:32 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-1722

Comment 19 errata-xmlrpc 2020-11-04 02:49:58 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2020:4670 https://access.redhat.com/errata/RHSA-2020:4670


Note You need to log in before you can comment on or make changes to this bug.