163 lines
6.4 KiB
Text
163 lines
6.4 KiB
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA512
|
|
|
|
=============================================================================
|
|
FreeBSD-SA-17:02.openssl Security Advisory
|
|
The FreeBSD Project
|
|
|
|
Topic: OpenSSL multiple vulnerabilities
|
|
|
|
Category: contrib
|
|
Module: openssl
|
|
Announced: 2017-02-23
|
|
Affects: All supported versions of FreeBSD.
|
|
Corrected: 2017-01-26 19:14:14 UTC (stable/11, 11.0-STABLE)
|
|
2017-02-23 07:11:48 UTC (releng/11.0, 11.0-RELEASE-p8)
|
|
2017-01-27 07:45:06 UTC (stable/10, 10.3-STABLE)
|
|
2017-02-23 07:12:18 UTC (releng/10.3, 10.3-RELEASE-p17)
|
|
CVE Name: CVE-2016-7055, CVE-2017-3731, CVE-2017-3732
|
|
|
|
For general information regarding FreeBSD Security Advisories,
|
|
including descriptions of the fields above, security branches, and the
|
|
following sections, please visit <URL:https://security.FreeBSD.org/>.
|
|
|
|
I. Background
|
|
|
|
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is
|
|
a collaborative effort to develop a robust, commercial-grade, full-featured
|
|
Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3)
|
|
and Transport Layer Security (TLS v1) protocols as well as a full-strength
|
|
general purpose cryptography library.
|
|
|
|
II. Problem Description
|
|
|
|
If an SSL/TLS server or client is running on a 32-bit host, and a specific
|
|
cipher is being used, then a truncated packet can cause that server or
|
|
client to perform an out-of-bounds read, usually resulting in a crash.
|
|
[CVE-2017-3731]
|
|
|
|
There is a carry propagating bug in the x86_64 Montgomery squaring procedure.
|
|
No EC algorithms are affected. Analysis suggests that attacks against RSA and
|
|
DSA as a result of this defect would be very difficult to perform and are not
|
|
believed likely. Attacks against DH are considered just feasible (although
|
|
very difficult) because most of the work necessary to deduce information
|
|
about a private key may be performed offline. The amount of resources
|
|
required for such an attack would be very significant and likely only
|
|
accessible to a limited number of attackers. An attacker would additionally
|
|
need online access to an unpatched system using the target private key in
|
|
a scenario with persistent DH parameters and a private key that is shared
|
|
between multiple clients. [CVE-2017-3732]
|
|
|
|
Montgomery multiplication may produce incorrect results. [CVE-2016-7055]
|
|
|
|
III. Impact
|
|
|
|
A remote attacker may trigger a crash on servers or clients that supported
|
|
RC4-MD5. [CVE-2017-3731]
|
|
|
|
A remote attacker may be able to deduce information about a private key,
|
|
but that would require enormous amount of resources. [CVE-2017-3732,
|
|
CVE-2016-7055]
|
|
|
|
IV. Workaround
|
|
|
|
No workaround is available.
|
|
|
|
V. Solution
|
|
|
|
Perform one of the following:
|
|
|
|
1) Upgrade your vulnerable system to a supported FreeBSD stable or
|
|
release / security branch (releng) dated after the correction date.
|
|
|
|
Restart all daemons that use the library, or reboot the system.
|
|
|
|
2) To update your vulnerable system via a binary patch:
|
|
|
|
Systems running a RELEASE version of FreeBSD on the i386 or amd64
|
|
platforms can be updated via the freebsd-update(8) utility:
|
|
|
|
# freebsd-update fetch
|
|
# freebsd-update install
|
|
|
|
Restart all daemons that use the library, or reboot the system.
|
|
|
|
3) To update your vulnerable system via a source code patch:
|
|
|
|
The following patches have been verified to apply to the applicable
|
|
FreeBSD release branches.
|
|
|
|
a) Download the relevant patch from the location below, and verify the
|
|
detached PGP signature using your PGP utility.
|
|
|
|
[FreeBSD 11.0]
|
|
# fetch https://security.FreeBSD.org/patches/SA-17:02/openssl-11.patch
|
|
# fetch https://security.FreeBSD.org/patches/SA-17:02/openssl-11.patch.asc
|
|
# gpg --verify openssl-11.patch.asc
|
|
|
|
[FreeBSD 10.3]
|
|
# fetch https://security.FreeBSD.org/patches/SA-17:02/openssl-10.patch
|
|
# fetch https://security.FreeBSD.org/patches/SA-17:02/openssl-10.patch.asc
|
|
# gpg --verify openssl-10.patch.asc
|
|
|
|
b) Apply the patch. Execute the following commands as root:
|
|
|
|
# cd /usr/src
|
|
# patch < /path/to/patch
|
|
|
|
c) Recompile the operating system using buildworld and installworld as
|
|
described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
|
|
|
|
Restart all daemons that use the library, or reboot the system.
|
|
|
|
VI. Correction details
|
|
|
|
The following list contains the correction revision numbers for each
|
|
affected branch.
|
|
|
|
Branch/path Revision
|
|
- -------------------------------------------------------------------------
|
|
stable/10/ r312863
|
|
releng/10.3/ r314125
|
|
stable/11/ r312826
|
|
releng/11.0/ r314126
|
|
- -------------------------------------------------------------------------
|
|
|
|
To see which files were modified by a particular revision, run the
|
|
following command, replacing NNNNNN with the revision number, on a
|
|
machine with Subversion installed:
|
|
|
|
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
|
|
|
|
Or visit the following URL, replacing NNNNNN with the revision number:
|
|
|
|
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
|
|
|
|
VII. References
|
|
|
|
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055>
|
|
|
|
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731>
|
|
|
|
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3732>
|
|
|
|
<URL:https://www.openssl.org/news/secadv/20170126.txt>
|
|
|
|
The latest revision of this advisory is available at
|
|
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.asc>
|
|
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQIcBAEBCgAGBQJYr0wJAAoJEO1n7NZdz2rnmrUP/3YO9Ruq7XQUbGbmDcn1WcmK
|
|
Z4c9ZGCrHYv92fj1XiCpAVZJw4AMUvREZfdGM9qfWD4KogirOsuU7ZoQlJX4PT8d
|
|
XwncHhv9Pbz2e7HpIME1G2/T0Zvl1A8ptuYzvIkG7eX++V2OEHJWaEdl7GSvllNy
|
|
75yBZJwHjjylCQtcFwcxE8L/VsN3ZL4o1uGDRO2sWo7AD6b5J3MzJ5OutVW+cWrq
|
|
HnmDiqRp+bzNeyNspcLTRM9OU+ja0V2e4384EPyHi5garJtMZklK4g9ywZOB8gl0
|
|
3dsFMrGlb9ey03ewFEs9wfghTuPJU+M+v01GQ+SqFhRHVnoml3S6jG/UiN8BVe6s
|
|
ESZLbT2PmfGCGDi3FMrBrEz1e9fQrJP0xQ1/XKknG7yrwZloAes0WwOT/DeSde7C
|
|
oBsNWS6xOhjrq6WXLG6GSSBlmiw/z6zhVgNyixMV1FYrsaHs6Jko8Zrxr4GL3MxB
|
|
G6y8qLs7897WYZFn01vIAHVXGftBxukY8PZHsGCwA+OKjIxU2mmrcT7ARwoEMVot
|
|
HqsrLMogZnITqb0pfNRtXbgm/SWuh/GRdNGfS4soFyGCu/4vbKgAc0VETECoz3l8
|
|
sybQLMexhzdeCCIVPOeEgiKCdaS/QDp7kgdLfiiAKpDaOQ6pFEnyHJOZ1w/mJpNy
|
|
8EUN7AzNSSV9kEUAoBUw
|
|
=7cmn
|
|
-----END PGP SIGNATURE-----
|