
Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Ars Technica reports on a buffer overflow in GnuTLS (CVE-2014-3466), an alternative to OpenSSL for SSL/TLS support. When a client parsed the session ID in a ServerHello message, the length byte was checked against the bytes remaining in the message but not against the fixed-size buffer (32 bytes, the maximum the TLS specification allows) that the session ID was copied into, so a server could overflow it. "Maliciously configured servers can exploit the bug by sending malformed data to devices as they establish encrypted HTTPS connections. Devices that rely on an unpatched version of GnuTLS can then be remotely hijacked by malicious code of the attacker's choosing, security researchers who examined the fix warned. The bug wasn't patched until Friday [May 30], with the release of GnuTLS versions 3.1.25, 3.2.15, and 3.3.4. While the patch has been available for three days, it will protect people only when the GnuTLS-dependent software they use has incorporated it. With literally hundreds of packages dependent on the library, that may take time." A linked analysis shows how the bug could be exploited for arbitrary code execution.
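The length check at issue, as an added illustration that is not GnuTLS source code: a simplified model of a client parsing the start of a ServerHello, written in the shape the pre-fix check had (the session ID length compared only against the bytes left in the message) beside the shape the fix gives it (the length also bounded by the 32-byte destination buffer). Field sizes follow RFC 5246; the function and struct names, the constant TLS_MAX_SESSION_ID and the constructed messages are this example's own. The vulnerable variant deliberately stops short of the copy, since for a 200-byte session ID that copy is exactly the out-of-bounds write.

```c
/* Added example, not GnuTLS code: a model of the ServerHello session-ID
 * length check behind CVE-2014-3466, vulnerable shape next to fixed shape.
 * Wire layout (RFC 5246 7.4.1.3):
 *   ProtocolVersion server_version;  2 bytes
 *   Random          random;          32 bytes
 *   SessionID       session_id;      1 length byte + 0..32 bytes
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TLS_RANDOM_LEN      32
#define TLS_MAX_SESSION_ID  32   /* SessionID is <0..32> in the TLS spec */

struct hello_state {
    uint8_t session_id[TLS_MAX_SESSION_ID];
    size_t  session_id_len;
};

/* Pre-fix shape: the attacker-controlled length byte is compared only
 * against the bytes remaining in the message, never against the size of
 * the buffer it is copied into. Returns 0 if the message would have been
 * accepted (and copied), -1 if rejected. The copy itself is left out on
 * purpose: with session_id_len > 32 it writes past a 32-byte buffer. */
int vulnerable_accepts(const uint8_t *msg, size_t len)
{
    size_t pos = 2 + TLS_RANDOM_LEN;
    if (len < pos + 1)
        return -1;
    size_t session_id_len = msg[pos++];
    if (len - pos < session_id_len)           /* bounds the *message* only */
        return -1;
    /* original code then did: memcpy(session_id, &msg[pos], session_id_len); */
    return 0;
}

/* Fixed shape: bound the length by the destination before trusting it. */
int hardened_parse(const uint8_t *msg, size_t len, struct hello_state *st)
{
    size_t pos = 2 + TLS_RANDOM_LEN;
    if (len < pos + 1)
        return -1;
    size_t session_id_len = msg[pos++];
    if (session_id_len > TLS_MAX_SESSION_ID)  /* the check that was missing */
        return -1;
    if (len - pos < session_id_len)
        return -1;
    memcpy(st->session_id, &msg[pos], session_id_len);
    st->session_id_len = session_id_len;
    return 0;
}

/* Build a constructed ServerHello prefix carrying a session ID of sid_len
 * bytes. Returns the message length, or 0 if it does not fit in cap. */
size_t build_server_hello(uint8_t *out, size_t cap, uint8_t sid_len)
{
    size_t need = 2 + TLS_RANDOM_LEN + 1 + sid_len;
    if (cap < need)
        return 0;
    out[0] = 0x03; out[1] = 0x03;            /* TLS 1.2 */
    memset(out + 2, 0x41, TLS_RANDOM_LEN);   /* constructed server random */
    out[2 + TLS_RANDOM_LEN] = sid_len;
    memset(out + 2 + TLS_RANDOM_LEN + 1, 0x42, sid_len);
    return need;
}

int main(void)
{
    uint8_t buf[512];
    struct hello_state st;
    size_t n;

    n = build_server_hello(buf, sizeof buf, 32);    /* legitimate maximum */
    printf("32-byte session id:  vulnerable=%d hardened=%d\n",
           vulnerable_accepts(buf, n), hardened_parse(buf, n, &st));

    n = build_server_hello(buf, sizeof buf, 200);   /* malicious server */
    printf("200-byte session id: vulnerable=%d hardened=%d\n",
           vulnerable_accepts(buf, n), hardened_parse(buf, n, &st));
    return 0;
}
```

The second message is the whole bug in one line of output: the pre-fix check accepts a 200-byte session ID because 200 bytes really are present in the message, and the 32-byte buffer is never consulted.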


Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 6:30 UTC (Wed) by geuder (subscriber, #62854) (6 responses)

> while the patch has been available for three days, it will protect people only when the GnuTLS-dependent software they use has incorporated it. With literally hundreds of packages dependent on the library, that may take time

Hmm, not sure what they refer to. Is there any Linux distro that does not use shared libraries?

In Ubuntu 10.04 I got the fix yesterday. What the packager hadn't done, though, is warn the admin of any processes that might need a restart. Not sure how such a warning should even be implemented correctly; is there a standardized way of presenting messages if the update is installed under a graphical package manager frontend? Anyway, I ran a simple sudo lsof | grep "DEL\|(deleted)" and saw that I needed to restart 3 processes.

OpenSUSE handles these warnings routinely without any support from the packager. "sudo zypper ps" shows the details. Haven't yet seen the GnuTLS fix there, though.

GnuTLS is LGPL. So it could of course be part of all kind of closed source software, appliances or whatever. Not sure how commonly that is the case.

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 12:45 UTC (Wed) by proski (guest, #104) (2 responses)

Parts of that text are struck out in the original article now. I guess it means the dependent packages don't need to be recompiled.

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 12:54 UTC (Wed) by geuder (subscriber, #62854)

True. So nothing magic, just a simple mistake in the original news article.

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 17:31 UTC (Wed) by roblucid (guest, #48964)

Presumably one day, one of this style of bug is going to hit a library bundled with many Java applications.

Then they'll have real fun plugging the hole, with various old and locally hacked versions included with applications.

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 14:13 UTC (Wed) by hmh (subscriber, #3838) (2 responses)

Look for the "checkrestart" utility. It is from Debian, but Ubuntu also has it. Package "debian-goodies".

I guess we need to add the stuff in the libssl pre/postinst to libgnutls as well, to handle restarting of related software.

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 22:12 UTC (Wed) by geuder (subscriber, #62854) (1 response)

> Look for the "checkrestart" utility

Yes, I tried it with today's patches (not the gnutls ones, they were already installed yesterday). checkrestart reported 2 false positives, both caused by some kind of temporary files which had been deleted (one was a mime.cache, don't remember the other one).

One time it was unable to guess the right init.d script.

So I end up running lsof anyway to verify whether the restart is really needed. I guess then I prefer running lsof in the first place.

Not sure how "zypper ps" is implemented. I don't think I have seen it reporting false positives, and I have used it a lot. It does report wrong command names though, so I typically feed the pid into "ps -o cmd,cgroup $pid". That is one of the nice things about systemd's cgroup usage: you are always told what service to restart, no background knowledge or guessing needed. That's of course nothing checkrestart could fix, as long as cgroups are not used that way.
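The check geuder describes in the two comments above (which processes still map a library that the upgrade replaced, and which systemd unit owns each such pid), as an added example that is not part of the thread and not how checkrestart, zypper ps or whatmaps are implemented: a small C program that reads /proc/<pid>/maps and /proc/<pid>/cgroup directly instead of going through lsof. A mapping whose backing file is marked "(deleted)" means the process is still executing the pre-update copy of the library, whatever the package manager reports. The line formats are those documented in proc(5); the ".so in the basename" filter, the function names and the sample lines in the comments are this example's own.

```c
/* Added example (not from the thread, not how checkrestart or zypper ps work):
 * list processes still mapping a deleted shared object via /proc/<pid>/maps,
 * and name the systemd unit owning each pid via /proc/<pid>/cgroup.
 * Line formats per proc(5); the ".so" filter and all names are this example's. */
#include <ctype.h>
#include <dirent.h>
#include <stdio.h>
#include <string.h>

/* One maps line, e.g. (constructed):
 *  7f3a1c000000-7f3a1c1b6000 r-xp 00000000 08:01 655444  /usr/lib/libgnutls.so.28 (deleted)
 * Five fixed fields, then an optional pathname that may itself contain spaces.
 * Returns 1 and writes the pathname (minus " (deleted)") to out when the mapping
 * is file-backed and its file has been unlinked; otherwise 0. */
int deleted_mapping_path(const char *line, char *out, size_t cap)
{
    static const char tag[] = " (deleted)";
    const size_t taglen = sizeof tag - 1;
    const char *p = line;
    for (int field = 0; field < 5; field++) {    /* addr perms offset dev inode */
        while (*p && !isspace((unsigned char)*p)) p++;
        while (*p && isspace((unsigned char)*p)) p++;
    }
    if (*p != '/') return 0;                     /* anon, [heap], [stack], [vdso] */
    size_t n = strcspn(p, "\n");
    if (n <= taglen || memcmp(p + n - taglen, tag, taglen) != 0)
        return 0;
    n -= taglen;
    if (n + 1 > cap) return 0;
    memcpy(out, p, n); out[n] = '\0';
    return 1;
}

/* Heuristic: ".so" in the basename (libgnutls.so.28.41.0, libssl.so.1.0.0). */
int looks_like_shared_object(const char *path)
{
    const char *base = strrchr(path, '/');
    return strstr(base ? base + 1 : path, ".so") != NULL;
}

/* From the text of /proc/<pid>/cgroup, v1 ("1:name=systemd:/system.slice/x.service")
 * or v2 ("0::/system.slice/x.service"), take the last path component that ends in
 * ".service". Returns 1 and writes it to out, else 0. */
int systemd_unit_from_cgroup(const char *text, char *out, size_t cap)
{
    for (const char *p = text; *p; ) {
        const char *eol = strchr(p, '\n');
        const char *end = eol ? eol : p + strlen(p);
        const char *comp = end;
        while (comp > p && comp[-1] != '/') comp--;   /* back to the last '/' */
        size_t clen = (size_t)(end - comp);
        if (clen > 8 && memcmp(end - 8, ".service", 8) == 0 && clen < cap) {
            memcpy(out, comp, clen); out[clen] = '\0';
            return 1;
        }
        if (!eol) break;
        p = eol + 1;
    }
    return 0;
}

/* Walk /proc; for each process still mapping a deleted shared object, print the
 * pid, its unit if known, and each such library once. Returns the number of
 * processes flagged, or -1 if /proc cannot be opened. Run as root to see
 * other users' processes. */
int scan_proc_for_stale_libs(FILE *report)
{
    DIR *d = opendir("/proc");
    if (!d) return -1;
    int flagged = 0;
    struct dirent *de;
    while ((de = readdir(d)) != NULL) {
        if (!isdigit((unsigned char)de->d_name[0])) continue;
        char path[300], line[4096], lib[4096], last[4096] = "", unit[256];
        snprintf(path, sizeof path, "/proc/%s/maps", de->d_name);
        FILE *f = fopen(path, "r");
        if (!f) continue;                        /* exited, or not readable by us */
        int hit = 0;
        while (fgets(line, sizeof line, f)) {
            if (!deleted_mapping_path(line, lib, sizeof lib) ||
                !looks_like_shared_object(lib) || strcmp(lib, last) == 0)
                continue;                        /* one .so maps as several segments */
            if (!hit) {
                char cg[4096] = "";
                snprintf(path, sizeof path, "/proc/%s/cgroup", de->d_name);
                FILE *c = fopen(path, "r");
                if (c) { size_t n = fread(cg, 1, sizeof cg - 1, c); cg[n] = '\0'; fclose(c); }
                fprintf(report, "pid %s (%s)\n", de->d_name,
                        systemd_unit_from_cgroup(cg, unit, sizeof unit) ? unit : "no .service cgroup");
                hit = 1; flagged++;
            }
            fprintf(report, "  %s\n", lib);
            strcpy(last, lib);
        }
        fclose(f);
    }
    closedir(d);
    return flagged;
}

int main(void)
{
    int n = scan_proc_for_stale_libs(stdout);
    if (n < 0) { perror("/proc"); return 1; }
    printf("%d process(es) still map deleted shared objects\n", n);
    return n > 0;
}
```

The false positives geuder mentions (deleted mime.cache and similar temporary files) are exactly what the ".so" filter drops; the cgroup lookup gives the unit name that a plain pid from lsof does not.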

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 6, 2014 8:17 UTC (Fri) by robbe (guest, #16131)

You could also try whatmaps:
https://packages.debian.org/search?keywords=whatmaps

I was not so happy with it, and will stay with my home-grown solution...

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 7:06 UTC (Wed) by ebirdie (guest, #512) (1 response)

Oh well, nice. Got the upgrade to my lovely Debian boxes yesterday, but I simply neglected the fact that there was an upgrade to a crypto and security library and didn't go further and check the security advisory for what kind of vulnerability was fixed. Thus I didn't run checkrestart or restart the systems, although I know I should have done so as a standard practice. So there they were, vulnerable for another day until caught by this news item.

Thank you for the news item for a wake-up call and for the fixes.

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 10:22 UTC (Wed) by geuder (subscriber, #62854)

Ah, checkrestart. Must have been mentioned in some comment on this site before, I vaguely remember.

Need to start to use it in parallel with my lsof command to see whether there are any difference.

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 11:09 UTC (Wed) by ssam (guest, #46587)

Looks like the update is slowly making its way to fedora ('yum update' does not get it for me yet).
https://admin.fedoraproject.org/updates/FEDORA-2014-6891/...

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 14:16 UTC (Wed) by SEJeff (guest, #51588) (2 responses)

Said by Howard Chu a few years ago, and it still rings true:

http://www.openldap.org/lists/openldap-devel/200802/msg00...

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 16:24 UTC (Wed) by drag (guest, #31333)

So far I am happy I use mod_nss on my web servers.

Also, on a side note, here is a secure webserver running Libressl + Nginx + Linux:

https://lolware.net/nginx.html

> The promise of "drop in replacement" is currently completely accurate

Critical new bug in crypto library leaves Linux, apps open to drive-by attacks (Ars Technica)

Posted Jun 4, 2014 17:55 UTC (Wed) by roblucid (guest, #48964)

Looking through the thread, a libgnutls developer makes the comment :

"In the end, this is about economics and trade-offs. While the code is technically sometimes both inefficient and inelegant, there are too few people who work on it to make re-writing code a good use of our time. If GnuTLS was a larger and funded project like OpenSSL, NSS, or OpenLDAP, things may be different."

Post-Heartbleed, that's amusing, in a dark way.


Copyright © 2014, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds