Bugzilla – Bug 843509
VUL-0: CVE-2013-2061: openvpn: use of non-constant-time memcmp in HMAC comparison in openvpn_decrypt
Last modified: 2013-12-02 14:37:49 UTC
via rh bugzilla CVE-2013-2061 References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2061 https://bugzilla.redhat.com/show_bug.cgi?id=960192 According to the upstream security report [1] the following flaw was found in OpenVPN 2.3.0 and earlier: OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function. Plaintext recovery may be possible using a padding oracle attack on the CBC mode cipher implementation of the crypto library, optimistically at a rate of about one character per 3 hours. PolarSSL seems vulnerable to such an attack; the vulnerability of OpenSSL has not been verified or tested. OpenVPN servers are typically configured to silently drop packets with the wrong HMAC. For this reason measuring the processing time of the packets is not trivial without a MITM position. In practice, the attack likely needs some target-specific information to be effective. The severity of this vulnerability can be considered low. Only if OpenVPN is configured to use a null-cipher, arbitrary plain-text can be injected which can completely open up this attack vector. A fix has been committed to git [2]; this is corrected in OpenVPN 2.3.1 and later. [1] https://community.openvpn.net/openvpn/wiki/SecurityAnnouncement-f375aa67cc [2] https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee
bugbot adjusting priority
The SWAMPID for this issue is 54893. This issue was rated as moderate. Please submit fixed packages until 2013-11-14. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
This is an autogenerated message for OBS integration: This bug (843509) was mentioned in https://build.opensuse.org/request/show/205450 12.3 / openvpn https://build.opensuse.org/request/show/205451 12.2 / openvpn
openSUSE-SU-2013:1645-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 843509 CVE References: CVE-2013-2061 Sources used: openSUSE 12.3 (src): openvpn-2.2.2-9.5.1 openSUSE 12.2 (src): openvpn-2.2.2-3.8.1
openSUSE-SU-2013:1649-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 843509 CVE References: CVE-2013-2061 Sources used: openSUSE 11.4 (src): openvpn-2.1.4-11.34.1
Update released for: openvpn, openvpn-auth-pam-plugin, openvpn-debuginfo, openvpn-debugsource, openvpn-down-root-plugin Products: SLE-SERVER 11-SP1-TERADATA (x86_64)
Update released for: openvpn, openvpn-auth-pam-plugin, openvpn-debuginfo, openvpn-debugsource, openvpn-down-root-plugin Products: SLE-DEBUGINFO 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP3 (i386, x86_64) SLE-SERVER 11-SP3 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP3 (i386, x86_64)
Update released for: openvpn, openvpn-auth-pam-plugin, openvpn-debuginfo, openvpn-debugsource, openvpn-down-root-plugin Products: SLE-DEBUGINFO 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLE-DESKTOP 11-SP2 (i386, x86_64) SLE-SERVER 11-SP2 (i386, ia64, ppc64, s390x, x86_64) SLES4VMWARE 11-SP2 (i386, x86_64)
released