Security OpenSSL OpenSSL Security Advisory [16 Apr 2018]

buik · Apr 18, 2018

OpenSSL Security Advisory [16 Apr 2018]
========================================

Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
================================================================

Severity: Low

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a
cache timing side channel attack. An attacker with sufficient access to mount
cache timing attacks during the RSA key generation process could recover the
private key.

Due to the low severity of this issue we are not issuing a new release of
OpenSSL 1.1.0 or 1.0.2 at this time. The fix will be included in OpenSSL 1.1.0i
and OpenSSL 1.0.2p when they become available. The fix is also available in
commit 6939eab03 (for 1.1.0) and commit 349a41da1 (for 1.0.2) in the OpenSSL git
repository.

This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
The fix was developed by Billy Brumley.

References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv/20180416.txt

Note: the online version of the advisory may be updated with additional details
over time.

For details of OpenSSL severity classifications please see:
/policies/secpolicy.html
Click to expand...

eva2000 · Apr 18, 2018

thanks for the heads up

buik · Apr 18, 2018

N.P. Y.W. Due to the low severity you could patch the code.
What are you going to do?

eva2000 · Apr 18, 2018

hmm indeed they aren't that involved for the committed fixes to be made via patching as Centmin Mod Nginx routine lends itself to easy patching support Though RSA key generation process is it used at all for Nginx OpenSSL ?? So only time that would apply is if you call the OpenSSL binary /opt/openssl/bin/openssl instead of system openssl /usr/bin/openssl
Code (Text):
/opt/openssl/bin/openssl version -a
OpenSSL 1.1.0h  27 Mar 2018
built on: reproducible build, date unspecified
platform: linux-x86_64
options:  bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr) 
compiler: ccache gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/opt/openssl\"" -DENGINESDIR="\"/opt/openssl/lib/engines-1.1\""  -Wa,--noexecstack
OPENSSLDIR: "/opt/openssl"
ENGINESDIR: "/opt/openssl/lib/engines-1.1"
openssl 1.1.0 RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both ge… · openssl/openssl@6939eab

openssl 1.0.2 RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both ge… · openssl/openssl@349a41d

Just added to Centmin Mod 123.09beta01, OpenSSL 1.0.2o & 1.1.0h detection and auto patching for this CVE-2018-0737 when recompiling Nginx via centmin.sh menu option 4

Relevant line in patch log at /root/centminlogs/patch_opensslpatches_180418-021237.log after Nginx recompile via centmin.sh menu option 4 for Nginx 1.14.0 + OpenSSL 1.1.0h patched build
Code (Text):
cat /root/centminlogs/patch_opensslpatches_180418-021237.log

######################################################################
Patching OpenSSL 1.1.0h
######################################################################
Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) patch
https://community.centminmod.com/threads/14584/
######################################################################
/svr-setup/openssl-1.1.0h /svr-setup/openssl-1.1.0h
patch -p1 < /usr/local/src/centminmod/patches/openssl/OpenSSL1.1h-cache-timing-rsa-key-gen.patch
patching file crypto/rsa/rsa_gen.c
nginx -V
nginx version: nginx/1.14.0
built by gcc 8.0.1 20180408 (experimental) (GCC)
built with OpenSSL 1.1.0h 27 Mar 2018
TLS SNI support enabled
configure arguments: --with-ld-opt='-ljemalloc -Wl,-z,relro -Wl,-rpath,/usr/local/lib' --with-cc-opt='-m64 -march=native -DTCP_FASTOPEN=23 -g -O3 -fstack-protector-strong -flto -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wimplicit-fallthrough=0 -fcode-hoisting -Wno-cast-function-type -Wp,-D_FORTIFY_SOURCE=2' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --with-compat --with-http_stub_status_module --with-http_secure_link_module --add-dynamic-module=../nginx-module-vts --with-libatomic --with-http_gzip_static_module --with-http_sub_module --with-http_addition_module --with-http_image_filter_module=dynamic --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --with-threads --with-stream=dynamic --with-stream_ssl_module --with-http_realip_module --add-dynamic-module=../ngx-fancyindex-0.4.2 --add-module=../ngx_cache_purge-2.4.2 --add-module=../ngx_devel_kit-0.3.0 --add-dynamic-module=../set-misc-nginx-module-0.31 --add-dynamic-module=../echo-nginx-module-0.61 --add-module=../redis2-nginx-module-0.14 --add-module=../ngx_http_redis-0.3.7 --add-module=../memc-nginx-module-0.18 --add-module=../srcache-nginx-module-0.31 --add-dynamic-module=../headers-more-nginx-module-0.33 --with-pcre=../pcre-8.42 --with-pcre-jit --with-zlib=../zlib-cloudflare-1.3.0 --with-http_ssl_module --with-http_v2_module --with-openssl=../openssl-1.1.0h --with-openssl-opt='enable-ec_nistp_64_gcc_128'
Click to expand...

patch log for Nginx 1.14.0 + OpenSSL 1.0.2o
Code (Text):
cat /root/centminlogs/patch_opensslpatches_180418-022623.log

######################################################################
Patching OpenSSL 1.0.2o
######################################################################
Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) patch
https://community.centminmod.com/threads/14584/
######################################################################
/svr-setup/openssl-1.0.2o /svr-setup/openssl-1.0.2o
patch -p1 < /usr/local/src/centminmod/patches/openssl/OpenSSL1.0.2o-cache-timing-rsa-key-gen.patch
patching file crypto/rsa/rsa_gen.c
nginx -V
nginx version: nginx/1.14.0
built by gcc 8.0.1 20180408 (experimental) (GCC)
built with OpenSSL 1.0.2o 27 Mar 2018
TLS SNI support enabled
configure arguments: --with-ld-opt='-ljemalloc -Wl,-z,relro -Wl,-rpath,/usr/local/lib' --with-cc-opt='-m64 -march=native -DTCP_FASTOPEN=23 -g -O3 -fstack-protector-strong -flto -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wimplicit-fallthrough=0 -fcode-hoisting -Wno-cast-function-type -Wp,-D_FORTIFY_SOURCE=2' --sbin-path=/usr/local/sbin/nginx --conf-path=/usr/local/nginx/conf/nginx.conf --with-compat --with-http_stub_status_module --with-http_secure_link_module --add-dynamic-module=../nginx-module-vts --with-libatomic --with-http_gzip_static_module --with-http_sub_module --with-http_addition_module --with-http_image_filter_module=dynamic --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --with-threads --with-stream=dynamic --with-stream_ssl_module --with-http_realip_module --add-dynamic-module=../ngx-fancyindex-0.4.2 --add-module=../ngx_cache_purge-2.4.2 --add-module=../ngx_devel_kit-0.3.0 --add-dynamic-module=../set-misc-nginx-module-0.31 --add-dynamic-module=../echo-nginx-module-0.61 --add-module=../redis2-nginx-module-0.14 --add-module=../ngx_http_redis-0.3.7 --add-module=../memc-nginx-module-0.18 --add-module=../srcache-nginx-module-0.31 --add-dynamic-module=../headers-more-nginx-module-0.33 --with-pcre=../pcre-8.42 --with-pcre-jit --with-zlib=../zlib-cloudflare-1.3.0 --with-http_ssl_module --with-http_v2_module --with-openssl=../openssl-1.0.2o --with-openssl-opt='enable-ec_nistp_64_gcc_128'
Click to expand...

Log in / Register

Forums

Want to subscribe to topics you're interested in?

Security OpenSSL OpenSSL Security Advisory [16 Apr 2018]

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Want to subscribe to topics you're interested in?

Security OpenSSL OpenSSL Security Advisory [16 Apr 2018]

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

buik “The best traveler is one without a camera.”

eva2000 Administrator Staff Member

.