Bug 620186 (CVE-2017-9148) - <net-dialup/freeradius-3.0.14: TLS resumption authentication bypass (CVE-2017-9148)
Status: RESOLVED FIXED
Alias: CVE-2017-9148
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: B3 [glsa cve]
Keywords:
Duplicates: 620102
Depends on:
Blocks:
Reported: 2017-05-30 07:49 UTC by Agostino Sarubbo
Modified: 2017-06-27 10:06 UTC (History)

See Also:
Package list:
net-dialup/freeradius-3.0.14
Runtime testing required: ---
stable-bot: sanity-check+
Description Agostino Sarubbo gentoo-dev 2017-05-30 07:49:09 UTC
From ${URL} :

Vendor: The FreeRADIUS Project

Product: FreeRADIUS server


Affected Versions:

2.2.x (EOL but still found in some Linux distros): All versions.

3.0.x (stable): All versions before 3.0.14.

3.1.x and 4.0.x (development): All versions before 2017-02-04.


Description:

The implementation of TTLS and PEAP in FreeRADIUS skips inner
authentication when it handles a resumed TLS connection. This is a feature
but there is a critical catch: the server must never allow resumption of a
TLS session until its initial connection gets to the point where inner
authentication has been finished successfully.

Unfortunately, affected versions of FreeRADIUS fail to reliably prevent
resumption of unauthenticated sessions unless the TLS session cache is
disabled completely and allow an attacker (e.g. a malicious supplicant) 
to elicit EAP Success without sending any valid credentials.


Mitigation:

(a) Disable TLS session caching. Set enabled = no in the cache subsection 
of eap module settings (raddb/mods-enabled/eap in the standard 
v3.0.x-style layout).

(b) Upgrade to version 3.0.14.


Credits:

Stefan Winter of the RESTENA Foundation (initial discovery)

Luboš Pavlíček of the University of Economics, Prague (independent
rediscovery)


Timeline:

"a few months" ago: Vulnerability discovered and reported by Stefan Winter.

2017-02-03: The first (and mostly ineffective) attempt to fix the
vulnerability in v3.0.x branch (commits 5aabc3b1 and 6b909d0c).

2017-02-04: Vulnerability fixed in v3.1.x and v4.0.x branches (commits
813a93a7 and c703ad96, respectively).

2017-03-06: Version 3.0.13 released without any explicit indication that it
was supposed to fix a serious vulnerability (but it was probably better
that way because the vulnerability was not really fixed).

2017-04-24: Vulnerability rediscovered by Luboš Pavlíček.

2017-04-25: PoC exploit developed and used to confirm 3.0.13 is still
vulnerable. Vulnerability reported... again.

2017-05-08: The second (and hopefully final) attempt to fix the vulnerability
in v3.0.x (commits af030bd4 and 8f53382c).

2017-05-26: Version 3.0.14 released.


References:

[1] <http://freeradius.org/security.html>
[2] <http://freeradius.org/press/index.html#3.0.14>


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know whether it is ready for stabilization or not.
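The following script is an added example, not part of the advisory quoted above or of the FreeRADIUS project, illustrating mitigation (a): it shows a cache subsection with session caching left on beside one with the mitigation applied, and audits an eap module file for that setting so an administrator can tell which hosts still need the cache disabled or the 3.0.14 upgrade. It assumes the v3.0.x layout, where the cache subsection sits inside the shared tls-config section of the eap module file and the key is spelled enable (as in the stock raddb/mods-available/eap); the two config fragments, the file paths and the version strings are constructed for the example.

```shell
#!/bin/sh
# Added example: audit an eap module file for the TLS session cache setting
# that CVE-2017-9148 depends on. Two constructed fragments stand in for
# raddb/mods-enabled/eap; neither is the project's shipped file.

weak_cfg=$(mktemp) && fixed_cfg=$(mktemp)
trap 'rm -f "$weak_cfg" "$fixed_cfg"' EXIT

# Constructed sample: caching left on, so a server older than 3.0.14 is exposed.
cat > "$weak_cfg" <<'EOF'
eap {
    default_eap_type = peap
    tls-config tls-common {
        private_key_file = ${certdir}/server.pem
        certificate_file = ${certdir}/server.pem
        # enable = no   (a commented-out line must not count)
        cache {
            enable = yes
            lifetime = 24 # hours
            name = "EAP module"
            persist_dir = "${logdir}/tlscache"
        }
    }
}
EOF

# Constructed sample: mitigation (a) applied, cache subsection disabled.
cat > "$fixed_cfg" <<'EOF'
eap {
    default_eap_type = peap
    tls-config tls-common {
        private_key_file = ${certdir}/server.pem
        certificate_file = ${certdir}/server.pem
        cache {
            enable = no
            lifetime = 24 # hours
        }
    }
}
EOF

# tls_cache_enabled FILE: prints "yes" if a cache { } subsection sets
# enable = yes, otherwise "no" (the stock file's default when the key is
# absent). Trailing comments are stripped before the value is read.
tls_cache_enabled() {
    awk '
        /^[[:space:]]*cache[[:space:]]*[{]/ { in_cache = 1; next }
        in_cache && /^[[:space:]]*[}]/       { in_cache = 0 }
        in_cache && /^[[:space:]]*enable[[:space:]]*=/ {
            sub(/#.*/, "")                 # drop trailing comment
            split($0, kv, "=")
            gsub(/[[:space:]]/, "", kv[2])
            val = kv[2]
        }
        END { if (val == "yes") print "yes"; else print "no" }
    ' "$1"
}

# needs_attention FILE VERSION: succeeds when the file leaves caching on and
# the installed server is older than the fixed release 3.0.14 (sort -V compare).
needs_attention() {
    [ "$(tls_cache_enabled "$1")" = yes ] || return 1
    [ "$(printf '%s\n' "$2" 3.0.14 | sort -V | head -n1)" != 3.0.14 ]
}

for f in "$weak_cfg" "$fixed_cfg"; do
    printf '%s: cache enable = %s\n' "$f" "$(tls_cache_enabled "$f")"
done
```

Run against the real file with `tls_cache_enabled /etc/raddb/mods-enabled/eap` and the version from `radiusd -v`; a host that reports caching on with a version older than 3.0.14 is the exposure the advisory describes, and disabling the cache is the interim fix until the upgrade lands.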
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-05-30 11:00:33 UTC
*** Bug 620102 has been marked as a duplicate of this bug. ***
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-08 23:21:23 UTC
@ Arches,

please test and mark stable: =net-dialup/freeradius-3.0.14
Comment 3 Agostino Sarubbo gentoo-dev 2017-06-09 09:45:18 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2017-06-09 10:21:25 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-09 12:41:26 UTC
GLSA Vote: Yes

New GLSA request filed.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2017-06-27 10:06:49 UTC
This issue was resolved and addressed in GLSA 201706-27 at https://security.gentoo.org/glsa/201706-27 by GLSA coordinator Thomas Deutschmann (whissi).