Bugzilla – Bug 1111635
VUL-0: CVE-2018-1000807: python-pyOpenSSL: Use After Free vulnerability in X509 object handling
Last modified: 2024-05-13 16:53:57 UTC
CVE-2018-1000807: Python Cryptographic Authority pyopenssl versions prior to 17.5.0 contain a CWE-416 (Use After Free) vulnerability in X509 object handling. The use after free can lead to a possible denial of service or remote code execution. Exploitability depends on the calling application and on whether it retains a reference to the freed memory. This vulnerability appears to have been fixed in 17.5.0. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000807 http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000807.html
Isn't this (and the whole CVE) de facto a duplicate of bug 1111634? It seems that the solution for both is the same pull request gh#pyca/pyopenssl#723
(In reply to Matej Cepl from comment #3)
> Isn't this (and whole CVE) de facto a duplicate of bug 1111634? It seems
> that solution for both is the same pull request gh#pyca/pyopenssl#723

It's not a duplicate from the CVE point of view. The previous code contained two different vulnerabilities (Use-After-Free & Memory leak), which were both fixed with a single change/commit.

From your point of view it's mostly a duplicate, as you only need to apply the patch once ;).
(In reply to Karol Babioch from comment #4)
> It's not a duplicate from the CVE point of view. The previous code contained
> two different vulnerabilities (Use-After-Free & Memory leak), which both
> were fixed with a single change/commit.
>
> From your point of view its mostly a duplicate, as you only need to apply
> the patch once ;).

Actually, it is a bit more complicated than that. gh#pyca/pyopenssl#723 depends on the existence of the function X509_up_ref(), which is provided in the patch to python-cryptography gh#pyca/cryptography#4028. Do I need to make an additional bug for that upgrade of pyca, or would this one cover both?
We can cover the function addition for python-cryptography in this bug too.
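The following is an added illustration and is not part of this bug report, nor code from pyOpenSSL, python-cryptography or OpenSSL: a constructed pure-Python model of the reference-ownership mistake behind the two CVEs discussed above. A second wrapper borrows a raw X509 pointer without taking its own reference via X509_up_ref(), so the object is freed under it when the first wrapper is collected (the use-after-free, CVE-2018-1000807); taking a reference but never releasing it is the leak (CVE-2018-1000808); taking a reference and releasing it on cleanup is the pattern the fix relies on, which is why X509_up_ref() had to exist in the bindings first. The names NativeX509, FakeLib, X509, X509Consumer and run_scenario are this example's own and do not map onto specific pyOpenSSL classes; the "native" side is simulated so the example runs without libcrypto.

```python
"""Reference-ownership model of the use-after-free / leak pair (constructed example)."""


class NativeX509:
    """Stand-in for an OpenSSL X509 struct with its internal reference count."""

    def __init__(self, subject):
        self.subject = subject
        self.refcount = 1        # X509_new() hands back exactly one reference
        self.freed = False


class FakeLib:
    """Stand-in for the cffi `_lib` object; mimics libcrypto refcount rules."""

    def X509_new(self, subject):
        return NativeX509(subject)

    def X509_up_ref(self, x):
        if x.freed:
            raise RuntimeError("X509_up_ref on freed object")
        x.refcount += 1
        return 1

    def X509_free(self, x):
        if x.freed:
            raise RuntimeError("double free")
        x.refcount -= 1
        if x.refcount == 0:
            x.freed = True
            x.subject = None     # "poison" the memory, as a freed heap chunk would be

    def X509_get_subject_name(self, x):
        if x.freed:
            raise RuntimeError("use after free")
        return x.subject


_lib = FakeLib()


class X509:
    """Wrapper owning one reference; release() plays the ffi.gc(X509_free) callback."""

    def __init__(self, subject):
        self._x509 = _lib.X509_new(subject)

    def release(self):
        _lib.X509_free(self._x509)


class X509Consumer:
    """Second wrapper that keeps the raw pointer for later use.

    mode "borrow":       keep the pointer only          -> use-after-free pattern
    mode "up_ref_leak":  X509_up_ref but never X509_free -> memory-leak pattern
    mode "up_ref":       X509_up_ref and X509_free on release -> correct
    """

    def __init__(self, cert, mode):
        self._mode = mode
        self._raw = cert._x509
        if mode in ("up_ref", "up_ref_leak"):
            _lib.X509_up_ref(self._raw)

    def use(self):
        return _lib.X509_get_subject_name(self._raw)

    def release(self):
        if self._mode == "up_ref":
            _lib.X509_free(self._raw)


def run_scenario(mode):
    """Collect the certificate wrapper before the consumer uses it, then clean up.

    Returns (outcome, refcount after cleanup, freed after cleanup). A correct
    run ends with refcount 0 and freed True: no dangling use and no leak.
    """
    cert = X509("CN=example")
    consumer = X509Consumer(cert, mode)
    cert.release()               # caller dropped its X509 first; ffi.gc fires X509_free
    try:
        subject = consumer.use()
    except RuntimeError as exc:
        return (str(exc), consumer._raw.refcount, consumer._raw.freed)
    consumer.release()
    return (subject, consumer._raw.refcount, consumer._raw.freed)


if __name__ == "__main__":
    for mode in ("borrow", "up_ref_leak", "up_ref"):
        print(mode, run_scenario(mode))
```

The ordering in run_scenario is the important part: whichever Python wrapper is garbage-collected first triggers its ffi.gc destructor, so any other object still holding the raw pointer must hold its own reference, and must drop it in its own destructor or the object is never freed.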
SUSE-SU-2018:4063-1: An update that solves two vulnerabilities and has one errata is now available.
Category: security (important)
Bug References: 1021578,1111634,1111635
CVE References: CVE-2018-1000807,CVE-2018-1000808
Sources used:
SUSE OpenStack Cloud 7 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE OpenStack Cloud 6-LTSS (src): python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src): python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src): python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Server 12-SP4 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Server 12-SP3 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Server 12-SP2-BCL (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src): python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Module for Public Cloud 12 (src): python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Module for Containers 12 (src): python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Desktop 12-SP4 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE Linux Enterprise Desktop 12-SP3 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE Enterprise Storage 4 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
SUSE CaaS Platform ALL (src): python-cryptography-1.3.1-7.13.4, python-setuptools-18.0.1-4.8.1
SUSE CaaS Platform 3.0 (src): python-cryptography-1.3.1-7.13.4, python-pyOpenSSL-16.0.0-4.11.3, python-setuptools-18.0.1-4.8.1
OpenStack Cloud Magnum Orchestration 7 (src): python-cryptography-1.3.1-7.13.4, python-setuptools-18.0.1-4.8.1
openSUSE-SU-2019:1104-1: An update that solves two vulnerabilities and has three fixes is now available.
Category: security (important)
Bug References: 1021578,1052927,1111634,1111635,1119077
CVE References: CVE-2018-1000807,CVE-2018-1000808
Sources used:
openSUSE Leap 42.3 (src): python-cryptography-1.3.1-5.3.1, python-pyOpenSSL-16.0.0-5.8.2
*** NOTE: This information is not intended to be used for external communication, because this may only be a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-RU-2019:1161-1: An update that solves two vulnerabilities and has 18 fixes is now available.
Category: recommended (moderate)
Bug References: 1063535,1094690,1105822,1111634,1111635,1114632,1116501,1116686,1122053,1122237,1122875,1124017,1124022,1125180,1125216,1127752,1128479,1128928,1130414,127227
CVE References: CVE-2018-1000807,CVE-2018-1000808
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src): crowbar-5.0+git.1551088826.010c0399-3.12.2, crowbar-core-5.0+git.1552461227.43e65d269-3.20.2, crowbar-ha-5.0+git.1553248675.7e103ea-3.14.2, crowbar-openstack-5.0+git.1554709170.195ba0e26-4.22.2, documentation-suse-openstack-cloud-deployment-8.20190329-1.14.2, documentation-suse-openstack-cloud-supplement-8.20190329-1.14.2, documentation-suse-openstack-cloud-upstream-admin-8.20190329-1.14.2, documentation-suse-openstack-cloud-upstream-user-8.20190329-1.14.2, galera-python-clustercheck-0.0+git.1506329536.8f5878c-4.3.2, openstack-dashboard-12.0.4~dev5-3.17.3, openstack-ec2-api-5.0.1~dev10-4.6.2, openstack-heat-9.0.6~dev17-3.15.3, openstack-heat-doc-9.0.6~dev17-3.15.2, openstack-heat-templates-0.0.0+git.1553459627.948e8cc-3.9.2, openstack-horizon-plugin-ironic-ui-3.0.4~dev3-3.6.2, openstack-horizon-plugin-magnum-ui-3.0.1~dev9-3.6.2, openstack-horizon-plugin-sahara-ui-7.0.4~dev1-3.6.2, openstack-ironic-9.1.7~dev7-3.15.3, openstack-ironic-doc-9.1.7~dev7-3.15.2, openstack-keystone-12.0.3~dev1-5.16.3, openstack-keystone-doc-12.0.3~dev1-5.16.2, openstack-magnum-5.0.2~dev31-4.12.3, openstack-magnum-doc-5.0.2~dev31-4.12.2, openstack-manila-5.0.4~dev17-3.15.3, openstack-manila-doc-5.0.4~dev17-3.15.2, openstack-monasca-api-2.2.1~dev25-3.9.3, openstack-monasca-notification-1.10.2~dev2-3.6.3, openstack-monasca-persister-1.7.1~dev8-3.6.3, openstack-murano-4.0.1~dev5-3.6.2, openstack-murano-doc-4.0.1~dev5-3.6.2, openstack-neutron-11.0.7~dev100-3.15.3, openstack-neutron-doc-11.0.7~dev100-3.15.2, openstack-neutron-fwaas-11.0.2~dev8-3.11.2, openstack-neutron-fwaas-doc-11.0.2~dev8-3.11.2, openstack-nova-16.1.8~dev53-3.20.3, openstack-nova-doc-16.1.8~dev53-3.20.2, openstack-octavia-1.0.5~dev1-4.15.2, openstack-sahara-7.0.4~dev1-3.9.3, openstack-sahara-doc-7.0.4~dev1-3.9.2, openstack-swift-2.15.2~dev32-3.6.2, openstack-swift-doc-2.15.2~dev32-3.6.2, openstack-tempest-17.0.0-4.6.2, python-cinderclient-3.1.1-3.3.2, python-cryptography-2.0.3-3.7.2, python-monasca-common-2.3.1~dev4-4.6.2, python-os-brick-1.15.8-3.3.2
SUSE OpenStack Cloud 8 (src): ardana-ansible-8.0+git.1553878455.7439e04-3.58.2, ardana-cobbler-8.0+git.1550694449.df88054-3.35.2, ardana-db-8.0+git.1550589454.df2e733-3.22.2, ardana-heat-8.0+git.1552935705.e9a92b3-3.9.2, ardana-manila-8.0+git.1551748668.7427826-1.15.2, ardana-neutron-8.0+git.1551113207.9f1db17-3.27.2, ardana-nova-8.0+git.1551718533.227cb9e-3.26.2, ardana-octavia-8.0+git.1553890679.8a50307-3.14.2, ardana-osconfig-8.0+git.1552503158.6b6b195-3.33.2, ardana-service-8.0+git.1551382173.a81d5e1-3.23.2, ardana-ses-8.0+git.1554145115.63a4cf2-1.17.2, ardana-swift-8.0+git.1551502730.f4d219d-3.24.2, ardana-tempest-8.0+git.1554307220.ed24e63-3.18.2, documentation-suse-openstack-cloud-installation-8.20190329-1.14.2, documentation-suse-openstack-cloud-operations-8.20190329-1.14.2, documentation-suse-openstack-cloud-opsconsole-8.20190329-1.14.2, documentation-suse-openstack-cloud-planning-8.20190329-1.14.2, documentation-suse-openstack-cloud-security-8.20190329-1.14.2, documentation-suse-openstack-cloud-supplement-8.20190329-1.14.2, documentation-suse-openstack-cloud-upstream-admin-8.20190329-1.14.2, documentation-suse-openstack-cloud-upstream-user-8.20190329-1.14.2, documentation-suse-openstack-cloud-user-8.20190329-1.14.2, galera-python-clustercheck-0.0+git.1506329536.8f5878c-4.3.2, openstack-dashboard-12.0.4~dev5-3.17.3, openstack-ec2-api-5.0.1~dev10-4.6.2, openstack-heat-9.0.6~dev17-3.15.3, openstack-heat-doc-9.0.6~dev17-3.15.2, openstack-heat-templates-0.0.0+git.1553459627.948e8cc-3.9.2, openstack-horizon-plugin-ironic-ui-3.0.4~dev3-3.6.2, openstack-horizon-plugin-magnum-ui-3.0.1~dev9-3.6.2, openstack-horizon-plugin-sahara-ui-7.0.4~dev1-3.6.2, openstack-ironic-9.1.7~dev7-3.15.3, openstack-ironic-doc-9.1.7~dev7-3.15.2, openstack-keystone-12.0.3~dev1-5.16.3, openstack-keystone-doc-12.0.3~dev1-5.16.2, openstack-magnum-5.0.2~dev31-4.12.3, openstack-magnum-doc-5.0.2~dev31-4.12.2, openstack-manila-5.0.4~dev17-3.15.3, openstack-manila-doc-5.0.4~dev17-3.15.2, openstack-monasca-api-2.2.1~dev25-3.9.3, openstack-monasca-notification-1.10.2~dev2-3.6.3, openstack-monasca-persister-1.7.1~dev8-3.6.3, openstack-murano-4.0.1~dev5-3.6.2, openstack-murano-doc-4.0.1~dev5-3.6.2, openstack-neutron-11.0.7~dev100-3.15.3, openstack-neutron-doc-11.0.7~dev100-3.15.2, openstack-neutron-fwaas-11.0.2~dev8-3.11.2, openstack-neutron-fwaas-doc-11.0.2~dev8-3.11.2, openstack-nova-16.1.8~dev53-3.20.3, openstack-nova-doc-16.1.8~dev53-3.20.2, openstack-octavia-1.0.5~dev1-4.15.2, openstack-sahara-7.0.4~dev1-3.9.3, openstack-sahara-doc-7.0.4~dev1-3.9.2, openstack-swift-2.15.2~dev32-3.6.2, openstack-swift-doc-2.15.2~dev32-3.6.2, openstack-tempest-17.0.0-4.6.2, python-cinderclient-3.1.1-3.3.2, python-cryptography-2.0.3-3.7.2, python-monasca-common-2.3.1~dev4-4.6.2, python-os-brick-1.15.8-3.3.2, venv-openstack-aodh-5.1.1~dev6-12.14.3, venv-openstack-barbican-5.0.2~dev2-12.15.3, venv-openstack-ceilometer-9.0.7~dev2-12.12.3, venv-openstack-cinder-11.1.2~dev58-14.15.3, venv-openstack-designate-5.0.3~dev6-12.13.3, venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.10.3, venv-openstack-glance-15.0.2~dev9-12.13.3, venv-openstack-heat-9.0.6~dev17-12.15.3, venv-openstack-horizon-12.0.4~dev5-14.20.3, venv-openstack-ironic-9.1.7~dev7-12.15.3, venv-openstack-keystone-12.0.3~dev1-11.15.3, venv-openstack-magnum-5.0.2-11.13.1, venv-openstack-manila-5.0.4~dev17-12.17.3, venv-openstack-monasca-2.2.1-11.11.1, venv-openstack-monasca-ceilometer-1.5.1-8.9.1, venv-openstack-murano-4.0.1-12.9.1, venv-openstack-neutron-11.0.2-13.17.1, venv-openstack-nova-16.1.8~dev53-11.16.3, venv-openstack-octavia-1.0.5~dev1-12.15.3, venv-openstack-sahara-7.0.4~dev1-11.14.3, venv-openstack-swift-2.15.2-11.9.1, venv-openstack-trove-8.0.1~dev12-11.14.3
HPE Helion Openstack 8 (src): ardana-ansible-8.0+git.1553878455.7439e04-3.58.2, ardana-cobbler-8.0+git.1550694449.df88054-3.35.2, ardana-db-8.0+git.1550589454.df2e733-3.22.2, ardana-heat-8.0+git.1552935705.e9a92b3-3.9.2, ardana-manila-8.0+git.1551748668.7427826-1.15.2, ardana-neutron-8.0+git.1551113207.9f1db17-3.27.2, ardana-nova-8.0+git.1551718533.227cb9e-3.26.2, ardana-octavia-8.0+git.1553890679.8a50307-3.14.2, ardana-osconfig-8.0+git.1552503158.6b6b195-3.33.2, ardana-service-8.0+git.1551382173.a81d5e1-3.23.2, ardana-ses-8.0+git.1554145115.63a4cf2-1.17.2, ardana-swift-8.0+git.1551502730.f4d219d-3.24.2, ardana-tempest-8.0+git.1554307220.ed24e63-3.18.2, documentation-hpe-helion-openstack-installation-8.20190329-1.14.2, documentation-hpe-helion-openstack-operations-8.20190329-1.14.2, documentation-hpe-helion-openstack-opsconsole-8.20190329-1.14.2, documentation-hpe-helion-openstack-planning-8.20190329-1.14.2, documentation-hpe-helion-openstack-security-8.20190329-1.14.2, documentation-hpe-helion-openstack-user-8.20190329-1.14.2, galera-python-clustercheck-0.0+git.1506329536.8f5878c-4.3.2, openstack-dashboard-12.0.4~dev5-3.17.3, openstack-ec2-api-5.0.1~dev10-4.6.2, openstack-heat-9.0.6~dev17-3.15.3, openstack-heat-doc-9.0.6~dev17-3.15.2, openstack-heat-templates-0.0.0+git.1553459627.948e8cc-3.9.2, openstack-horizon-plugin-ironic-ui-3.0.4~dev3-3.6.2, openstack-horizon-plugin-magnum-ui-3.0.1~dev9-3.6.2, openstack-horizon-plugin-sahara-ui-7.0.4~dev1-3.6.2, openstack-ironic-9.1.7~dev7-3.15.3, openstack-ironic-doc-9.1.7~dev7-3.15.2, openstack-keystone-12.0.3~dev1-5.16.3, openstack-keystone-doc-12.0.3~dev1-5.16.2, openstack-magnum-5.0.2~dev31-4.12.3, openstack-magnum-doc-5.0.2~dev31-4.12.2, openstack-manila-5.0.4~dev17-3.15.3, openstack-manila-doc-5.0.4~dev17-3.15.2, openstack-monasca-api-2.2.1~dev25-3.9.3, openstack-monasca-notification-1.10.2~dev2-3.6.3, openstack-monasca-persister-1.7.1~dev8-3.6.3, openstack-murano-4.0.1~dev5-3.6.2, openstack-murano-doc-4.0.1~dev5-3.6.2, openstack-neutron-11.0.7~dev100-3.15.3, openstack-neutron-doc-11.0.7~dev100-3.15.2, openstack-neutron-fwaas-11.0.2~dev8-3.11.2, openstack-neutron-fwaas-doc-11.0.2~dev8-3.11.2, openstack-nova-16.1.8~dev53-3.20.3, openstack-nova-doc-16.1.8~dev53-3.20.2, openstack-octavia-1.0.5~dev1-4.15.2, openstack-sahara-7.0.4~dev1-3.9.3, openstack-sahara-doc-7.0.4~dev1-3.9.2, openstack-swift-2.15.2~dev32-3.6.2, openstack-swift-doc-2.15.2~dev32-3.6.2, openstack-tempest-17.0.0-4.6.2, python-cinderclient-3.1.1-3.3.2, python-cryptography-2.0.3-3.7.2, python-monasca-common-2.3.1~dev4-4.6.2, python-os-brick-1.15.8-3.3.2, venv-openstack-aodh-5.1.1~dev6-12.14.3, venv-openstack-barbican-5.0.2~dev2-12.15.3, venv-openstack-ceilometer-9.0.7~dev2-12.12.3, venv-openstack-cinder-11.1.2~dev58-14.15.3, venv-openstack-designate-5.0.3~dev6-12.13.3, venv-openstack-freezer-5.0.0.0~xrc2~dev2-10.10.3, venv-openstack-glance-15.0.2~dev9-12.13.3, venv-openstack-heat-9.0.6~dev17-12.15.3, venv-openstack-horizon-hpe-12.0.4~dev5-14.20.3, venv-openstack-ironic-9.1.7~dev7-12.15.3, venv-openstack-keystone-12.0.3~dev1-11.15.3, venv-openstack-magnum-5.0.2-11.13.1, venv-openstack-manila-5.0.4~dev17-12.17.3, venv-openstack-monasca-2.2.1-11.11.1, venv-openstack-monasca-ceilometer-1.5.1-8.9.1, venv-openstack-murano-4.0.1-12.9.1, venv-openstack-neutron-11.0.2-13.17.1, venv-openstack-nova-16.1.8~dev53-11.16.3, venv-openstack-octavia-1.0.5~dev1-12.15.3, venv-openstack-sahara-7.0.4~dev1-11.14.3, venv-openstack-swift-2.15.2-11.9.1, venv-openstack-trove-8.0.1~dev12-11.14.3
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:1626-1: An update that solves two vulnerabilities and has one security fix can now be installed.
Category: security (important)
Bug References: 1021578, 1111634, 1111635
CVE References: CVE-2018-1000807, CVE-2018-1000808
Maintenance Incident: [SUSE:Maintenance:33804](https://smelt.suse.de/incident/33804/)
Sources used:
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): python-pyOpenSSL-17.1.0-4.26.1
SUSE Linux Enterprise Server 12 SP5 (src): python-pyOpenSSL-17.1.0-4.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): python-pyOpenSSL-17.1.0-4.26.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.