BSDSec

deadsimple BSD Security Advisories and Announcements

NetBSD Security Advisory 2014-008: Multiple OpenSSL vulnerabilities

27 August, 2014 by security-officer@NetBSD.org | netbsd 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

		NetBSD Security Advisory 2014-008
		=================================

Topic:		Multiple OpenSSL vulnerabilities


Version:	NetBSD-current:		prior to Aug 10th, 2014
		NetBSD 6.1 - 6.1.4:	affected
		NetBSD 6.0 - 6.0.5:	affected
		NetBSD 5.1 - 5.1.4:	partially affected
		NetBSD 5.2 - 5.2.2:	partially affected

Severity:	MitM, Remote Code Execution, Remote DoS,
		Local Information Leak

Fixed:		NetBSD-current:		Aug 10th, 2014
		NetBSD-6-0 branch:	Aug 11th, 2014
		NetBSD-6-1 branch:	Aug 11th, 2014
		NetBSD-6 branch:	Aug 11th, 2014
		NetBSD-5-2 branch:	Aug 11th, 2014
		NetBSD-5-1 branch:	Aug 11th, 2014
		NetBSD-5 branch:	Aug 11th, 2014

Teeny versions released later than the fix date will contain the fix.

Please note that NetBSD releases prior to 5.1 are no longer supported.
It is recommended that all users upgrade to a supported release.


Abstract
========

Information leak in pretty printing functions (CVE-2014-3508)
Double Free when processing DTLS packets (CVE-2014-3505)
DTLS memory exhaustion (CVE-2014-3506)
DTLS memory leak from zero-length fragments (CVE-2014-3507)
OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
Race condition in ssl_parse_serverhello_tlsext (CVE-2014-3509)
OpenSSL TLS protocol downgrade attack (CVE-2014-3511)

only in NetBSD-6 and NetBSD-current:
Crash with SRP ciphersuite in Server Hello message (CVE-2014-5139)
SRP buffer overrun (CVE-2014-3512)


Technical Details
=================

See http://www.openssl.org/news/secadv_20140806.txt


Solutions and Workarounds
=========================

Update the OpenSSL libraries and make sure the old libssl and libcrypto
are no longer used.

- From source:
- ------------
Update src and rebuild and install.
Note: OpenSSL in NetBSD-6 and NetBSD-current has been updated to
version 1.0.1h; updating the entire src tree is recommended.

- From tarballs:
- --------------
To obtain fixed binaries, fetch the appropriate base.tgz and comp.tgz
from a daily build later than the fix dates, from
http://nyftp.netbsd.org/pub/NetBSD-daily/<rel>/<date>/<arch>/binary/sets/
with a date 20140812* or larger, and your release version and architecture
(e.g. http://nyftp.netbsd.org/pub/NetBSD-daily/netbsd-6-1/201408140100Z/amd64/binary/sets/),
and then extract the files:

Shared libraries:

tar xzpf base.tgz \*libssl\* \*libcrypto\*

And static libraries and linker config files:

tar xzpf comp.tgz \*libssl\* \*libcrypto\*

Get the fixed library into use
- ------------------------------
Since the vulnerability is in a shared library, getting the old
library purged and the fixed one into use requires restarting
all programs that load libssl and libcrypto.
The easiest way to do this is to reboot the system.
Another method: using /bin/sh,
ps ax -o pid | (while read pid; do \
	pmap $pid | egrep '(libssl|libcrypto)' && echo found $pid ;\
done)
will find non-chrooted programs that have the affected libraries open;
restart them. sshd will not show up in this list since it runs chrooted
and re-exec'ed but also needs to be restartet.
ldd <programname> will show the shared libraries a programs is wont to use.

Lastly, remove the vulnerable libraries to make sure they won't get used
accidentially:
rm /usr/lib/libssl.so.10.3 /lib/libcrypto.so.8.2 /usr/lib/libcrypto.so.8.2

Fixed versions
- --------------
files relative to src/crypto/external/bsd/openssl/dist/ssl

branch      d1_both.c        t1_lib.c     s3_clnt.c    s23_srvr.c
- ----------  ---------------  -----------  -----------  ------------
netbsd-6-0  1.1.1.4.4.1.4.2  1.4.4.1.4.2  1.9.4.1.4.2  1.10.2.1.4.2
netbsd-6-1  1.1.1.4.4.1.6.2  1.4.4.1.6.2  1.9.4.1.6.2  1.10.2.1.6.2
netbsd-6    1.1.1.4.4.3      1.4.4.3      1.9.4.3      1.10.2.3
HEAD        1.1.1.8          1.9          1.16         1.16

files relative to src/crypto/external/bsd/openssl/dist/crypto

branch      asn1/a_object.c  objects/obj_dat.c  srp/srp_lib.c
- ----------  ---------------  -----------------  -------------
netbsd-6-0  1.1.1.4.4.1.4.2  1.4.4.1.4.2        1.9.4.1.4.2
netbsd-6-1  1.1.1.4.4.1.6.2  1.4.4.1.6.2        1.9.4.1.6.2
netbsd-6    1.1.1.4.4.3      1.4.4.3            1.9.4.3
HEAD        1.1.1.8          1.9                1.16

files relative to crypto/dist/openssl/ssl

branch      d1_both.c        t1_lib.c     s3_clnt.c    s23_srvr.c
- ----------  ---------------  -----------  -----------  ------------
netbsd-5-1  1.1.1.4.4.1.4.2  1.4.4.1.4.2  1.9.4.1.4.2  1.10.2.1.4.2
netbsd-5-2  1.1.1.4.4.1.6.2  1.4.4.1.6.2  1.9.4.1.6.2  1.10.2.1.6.2
netbsd-5    1.1.1.4.4.3      1.4.4.3      1.9.4.3      1.10.2.3

files relative to crypto/dist/openssl/crypto

branch      asn1/a_object.c  objects/obj_dat.c  srp/srp_lib.c
- ----------  ---------------  -----------------  -------------
netbsd-5-1  1.1.1.4.4.1.4.2  1.4.4.1.4.2        1.9.4.1.4.2
netbsd-5-2  1.1.1.4.4.1.6.2  1.4.4.1.6.2        1.9.4.1.6.2
netbsd-5    1.1.1.4.4.3      1.4.4.3            1.9.4.3


Thanks To
=========

The OpenSSL team acknowledges:
Ivan Fratric (Google) for CVE-2014-3508
Joonas Kuorilehto and Riku Hietamäki (Codenomicon) for CVE-2014-5139
Gabor Tyukasz (LogMeIn Inc) for CVE-2014-3509
Adam Langley and Wan-Teh Chang (Google) for CVE-2014-3505
Adam Langley (Google) for CVE-2014-3506, CVE-2014-3507
Felix Gröbert (Google) for CVE-2014-3510
David Benjamin and Adam Langley (Google) for CVE-2014-3511
Sean Devlin and Watson Ladd (Cryptography Services, NCC Group)
	for CVE-2014-3512
for discovering the vulnerabilities, and
Emilia Käsper, Stephen Henson and Matt Caswell of OpenSSL and
Gabor Tyukasz, Adam Langley and David Benjamin for developing fixes.


Revision History
================

	2014-08-27	Initial release


More Information
================

Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP signed) can be found at 
  http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.asc

Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.org/ and http://www.NetBSD.org/Security/ .


Copyright 2014, The NetBSD Foundation, Inc.  All Rights Reserved.
Redistribution permitted only in full, unmodified form.

$NetBSD: NetBSD-SA2014-008.txt,v 1.1 2014/08/27 00:14:29 tonnerre Exp $

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJT/SL9AAoJEAZJc6xMSnBuNGMP/ij4iBhBJICU9NIL37ya0HbC
Ib4vldwm1D5P854Kzyhe9xmONcxDs/kbc3EVnZ462g/ZZXU+FCJynmSD9bjH2FyE
j8LF7qYpbPHsdsMVP2NvtE43/Tr4so1T/L0X20pyKVGfmvjcDRa6ly9TEXwueTnO
n8zlzu5frCCdB0L0flFXKFcRl8FV28vrNhjdAK9WbSVKE3AzABoIfeq1y9cQ0d5n
W9Qb5dzc7P3Es6u20/fCwFg7a8YbHh5Vdwz03UBrYw6oxW9psndz3fEPpXtobrW6
tI+qUIKN8aH+81bX6QKsJDu+N0bT+Kxy8y77XxgJws6egUtK7+LAGmU8/+nSe5yj
5rsMjrFyeTPJZ72RucYYvkqtDurQ7vofpTcUD8L0H3p/EAG7Rnfdbmjt3GtjN1Jf
TjntWXsYqKM5IEGF+Co9JywNoXPXQ2pgFJplngcxW2qMWSAb6j55z6JfUDSFFBSB
sSTzQkzs8/QJdnn+IEkXWL3O/YACE+RJ7qz2u9KRXSnSC6pxJ8u6HEXXiUtZ7yuU
dKkcN/wudVh7wb6GZETb40ZIRyyYv8wKH4JHC9v8xd/CBoMimzQayYE65xZ2oUTV
z0YaBZDLiTKZchhg3c0NYvJcRFcwNsdSnh4pT+3NYwq1wtYYRrHAIPagvafBGRPV
x01mlfhalrNN/1bxcnIl
=M1P+
-----END PGP SIGNATURE-----