Changes between Initial Version and Version 1 of Ticket #24246


Timestamp: Dec 1, 2017, 2:01:00 PM
Author: nickm
Comment:

Fixed in today's security releases.

  • Ticket #24246

    • Property Status changed from assigned to closed
    • Property Resolution changed from to fixed
    • Property Summary changed from Fix TROVE-2017-011 to Fix TROVE-2017-011: An attacker can make tor ask for a password
  • Ticket #24246 – Description

    {{{
    TROVE-2017-011: An attacker can make Tor ask for a password

    SEVERITY: High

    ALSO TRACKED AS: OSS-Fuzz testcase 6360145429790720, CVE-2017-8821

    CREDIT: This was found by OSS-Fuzz.

    SUMMARY:

      All over our code, we accept and parse RSA public keys in the "PEM"
      format, such as:

      -----BEGIN RSA PUBLIC KEY-----
      SXQncyBjb29sIHRoYXQgeW91IHdlcmUgY29uY2VybmVkIGVub3VnaCB0byBjaGVj
      aywgYnV0IHRoZXJlIGlzIGluIGZhY3Qgbm8gc2VjcmV0IGluZm9ybWF0aW9uIGhl
      cmUuICBUaGlzIHNwYWNlIGludGVudGlvbmFsbHkgbGVmdCBibGFuay4=\n
      -----END RSA PUBLIC KEY-----

      But if you pass OpenSSL a public key that's suitably constructed, it
      will ask for a password.  This applies to public keys as well as
      private keys!

      If this "key" is used in a microdescriptor, an onion service
      descriptor, a relay or bridge descriptor, or anywhere, then OpenSSL
      will pause, and ask for a passphrase.  This blocks Tor, causing a
      denial of service attack. If it causes an onion service or busy client
      to block, this could aid in traffic analysis.

      Tors that are running as a daemon (without a terminal) or inside
      another process may not be vulnerable -- it depends on OpenSSL's
      behavior when it tries to ask for a password.

    FIX:

      Everyone affected should upgrade to one of the releases with the fix
      for this issue: 0.2.5.16, 0.2.8.17, 0.2.9.14, 0.3.0.13, 0.3.1.9, or
      0.3.2.6-alpha.

    }}}
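A pre-parse check for the input class described in the summary, as an added example that is not Tor's code or its fix: it accepts only the plain form shown above (BEGIN line, base64 lines, END line) and refuses everything else before the text reaches a PEM parser. The function names, the 64-character line limit and the sample inputs are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>
#define PEM_BEGIN "-----BEGIN RSA PUBLIC KEY-----"
#define PEM_END   "-----END RSA PUBLIC KEY-----"

/* Constructed samples; BODY is placeholder base64, not a real key. */
#define BODY "QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=\n"
static const char PEM_OK[]  = PEM_BEGIN "\n" BODY PEM_END "\n";
static const char PEM_HDR[] = PEM_BEGIN "\nX-Example: constructed\n\n" BODY
                              PEM_END "\n";

/* 1 if s[0..n) is base64, '=' padding last; 64-char limit is assumed. */
static int is_base64_line(const char *s, size_t n) {
    static const char b64[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t i = 0, pad = 0;
    if (n == 0 || n > 64) return 0;
    while (i < n && memchr(b64, s[i], 64)) i++;
    while (i + pad < n && pad < 2 && s[i + pad] == '=') pad++;
    return i > 0 && i + pad == n;
}

/* Allowlist: BEGIN, base64 lines, END; headers, blanks, trailers fail. */
int pem_is_plain(const char *pem) {
    int in_body = 0, body_lines = 0;
    while (*pem) {
        size_t n = strcspn(pem, "\r\n");   /* length of the current line */
        if (!in_body) {
            if (n != strlen(PEM_BEGIN) || memcmp(pem, PEM_BEGIN, n)) return 0;
            in_body = 1;
        } else if (n == strlen(PEM_END) && !memcmp(pem, PEM_END, n)) {
            pem += n + strspn(pem + n, "\r\n");
            return body_lines > 0 && *pem == '\0';
        } else {
            if (!is_base64_line(pem, n)) return 0;
            body_lines++;
        }
        pem += n;
        if (*pem == '\r') pem++;
        if (*pem == '\n') pem++;
    }
    return 0; /* input ended before the END line */
}

int main(void) {
    printf("ok=%d hdr=%d\n", pem_is_plain(PEM_OK), pem_is_plain(PEM_HDR));
    return 0;
}
```

When OpenSSL's `PEM_read_bio_*` functions are called directly, passing a password callback that always fails also keeps the library from falling back to its default terminal prompt.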