tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

NetBSD Security Advisory 2014-004: OpenSSL information disclosure ("heartbleed")



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                NetBSD Security Advisory 2014-004
                =================================

Topic:          OpenSSL information disclosure ("heartbleed")


Version:        NetBSD-current:         before Tue April 8th, 2014
                NetBSD 6.1 - 6.1.3:     affected
                NetBSD 6.0 - 6.0.4:     affected
                NetBSD 5.1 - 5.1.4:     not affected (but see pkgsrc)
                NetBSD 5.2 - 5.2.2:     not affected (but see pkgsrc)
                pkgsrc:                 affected

Severity:       high

Fixed:          NetBSD-current:         Tue April 8th, 2014
                NetBSD-6-0 branch:      Tue April 8th, 2014
                NetBSD-6-1 branch:      Tue April 8th, 2014
                NetBSD-6 branch:        Tue April 8th, 2014
                pkgsrc:                 openssl-1.0.1g (Tue April 8th, 2014)

Teeny versions released later than the fix date will contain the fix.

Please note that NetBSD releases prior to 5.1 are no longer supported.
It is recommended that all users upgrade to a supported release.


Abstract
========

Due to a programming error, a feature of the TLS protocol could
be used to deliver unselective chunks of memory of the process
running the TLS protocol.

The chunks of memory revealed to the attacker are likely to include
the private key the program is using to secure TLS connections,
but may include other vulnerable material, like e.g. in the case
of a https or ldaps server, account names and passwords of users.

Also, once the attacker has a copy of the private key they can run
very difficult to detect Man in the Middle attacks, or just listen
in on further communication with the affected program if they are
in a position to intercept traffic to it. (i.e. your encrypted
connection could as well be cleartext).

This vulnerability has been assigned CVE-2014-0160.


Technical Details
=================

A missing bounds check in the openssl 1.0.1 libssl library before
version 1.0.1g in the implementation of the RFC6520 TLS heartbeat
extension exposes up to 64k of memory of the process using libssl
on each invocation (e.g. on every connection).


Solutions and Workarounds
=========================

Update your OpenSSL libraries, make sure the old libssl is no longer
used, and change your certificate.

Update your OpenSSL libraries
- -----------------------------
On NetBSD 6.*, the fastest method to obtain fixed libraries is to
download the fixed libraries for your system from
http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/
and to deploy them:
cd /some/scratchpath
ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/netbsd6-`uname 
-m`-heartbleedfix.tgz
ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/SHA512
ftp http://ftp.netbsd.org/pub/NetBSD/misc/heartbleed/SHA512.asc
gpg --verify SHA512.asc
# check for: Good signature from "NetBSD Security Officer 
<security-officer%NetBSD.org@localhost>"
cksum -a sha512 netbsd6-`uname -m`-heartbleedfix.tgz > /tmp/netbsd6-`uname 
-m`-heartbleedfix.tgz.sha512.local
grep netbsd6-`uname -m`-heartbleedfix.tgz SHA512 > /tmp/netbsd6-`uname 
-m`-heartbleedfix.tgz.sha512.ftp
diff /tmp/netbsd6-`uname -m`-heartbleedfix.tgz.sha512.*
(diff should have no output)

cd / && tar xzpf /some/scratchpath/heartbleed/netbsd6-`uname 
-m`-heartbleedfix.tgz
rm /usr/lib/libssl.so.10.0
(remove the affected library just to make sure. Continue
reading below)

On NetBSD current, update src and rebuild and install.

Other ways to obtain a libssl that is not affected
- --------------------------------------------------
Rebuilding libssl (from src/crypto/external/bsd/openssl/lib/libssl)
with -DOPENSSL_NO_HEARTBEATS set will obtain a library that doesn't
support the extension and thus can't be attacked through it.

Get the fixed library into use
- ------------------------------
Since the vulnerability is in a shared library, getting the old
library purged and the fixed one into use requires shutting down
all programs that load libssl. This includes sshd (which is not
affected in its role as ssh-service-provider, but may be impacted
as a ldaps client f.e.). The easiest way to do this is to reboot
the system.

Fixed versions
- --------------
files relative to src/crypto/external/bsd/openssl/dist/ssl

branch      d1_both.c        t1_lib.c
- ----------  ---------------  -----------
netbsd-6-0  1.1.1.4.4.1.4.1  1.5.4.1.4.1
netbsd-6-1  1.1.1.4.4.1.6.1  1.5.4.1.6.1
netbsd-6    1.1.1.4.4.2      1.5.4.2
HEAD        1.1.1.7          1.11


Thanks To
=========

OpenSSL thanks Neel Mehta of Google Security for discovering this bug
and Adam Langley <agl%chromium.org@localhost> and Bodo Moeller 
<bmoeller%acm.org@localhost>
for preparing the fix.

NetBSD furthermore thanks Christos Zoulas for updating -current and
the releng team for the fast pullup and the preparation of the fix
tarballs.


Revision History
================

        2014-04-09      Initial release


More Information
================

Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP signed) can be found at 
  http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2014-004.txt.asc

Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.org/ and http://www.NetBSD.org/Security/ .


Copyright 2014, The NetBSD Foundation, Inc.  All Rights Reserved.
Redistribution permitted only in full, unmodified form.

$NetBSD: NetBSD-SA2014-004.txt,v 1.1 2014/04/09 20:56:18 tonnerre Exp $

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTRbQkAAoJEAZJc6xMSnBusVYP/jvXvquNIuM6kOpZbRosf/js
YSfkP74m54MeJhb382YzeJGh9yIa3XAOZ2bgxLFXeF6jj97Dm1uFvpBBN/VzjXwQ
y8ICh/32vtPJ8Sk6uJgjLL0Ne4biaQKtZP6qGPNJ87HYb1hGUkdSq2zAWqHnIlHR
PuhYoIm+mr/bQs5hLH8I8g7LHJiD9l0qhwbU39gMGw6hv8fwsqcenCx4IuSMijcD
rPMfOVTO6CU/ZN0CedRgJpAUnbnb7Y6uk1sZE+dTDv043tyQvjsUqCCtq7bSEcNd
N6GyAMLfkxPdpAvGgJk/xTQexCHwucznVUayY7xQvB0Bgi813AbnCjORUGc8NB/1
5zFJrZsdQLgFwSGm4S1GSOcPolS8xNTXaRTEkLCZFqE7LwGRHI7gBLLoIIr9Sevp
n0aEb3d/ARD7Ub3D4Qoob0QKcIIEmNgUyR/g01XlSvQDjU8A5S+wbiIlD477t3g2
IKWCX57DQmzEnkJYwA2OVvOERnUW3AbqtGFfd1HZiViDIrd7IZaShYBtCfL5gbkY
gie88EERli35UmS4Pf+R8jrTJ/FrzAphH0vEgYhYSqCZC8R5MqmYMQmuFGqWHm8s
t1Meh29882TEPyOl33gRm8VoNm9HcU7X8pTKbnu+jhmGG8BmiFRMsSXntB1MMetQ
lQHf49TDIzqxszX3T60F
=soXy
-----END PGP SIGNATURE-----


Home | Main Index | Thread Index | Old Index