Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 548136 (CVE-2015-3152) - dev-db/percona-server: SSL/TLS downgrade
Summary: dev-db/percona-server: SSL/TLS downgrade
Status: RESOLVED FIXED
Alias: CVE-2015-3152
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Low trivial (vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: ~4 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2015-04-29 14:36 UTC by Agostino Sarubbo
Modified: 2017-11-04 18:48 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-04-29 14:36:24 UTC
+++ This bug was initially created as a clone of Bug #548132 +++

From ${URL} :

The MySQL project is an open source relational database management system.

A vulnerability has been reported concerning the impossibility for MySQL users
(with any major stable version) to enforce an effective SSL/TLS connection
that would be immune from man-in-the-middle (MITM) attacks performing a
malicious downgrade.

While the issue has been addressed in MySQL preview release 5.7.3 in December
2013, it is perceived that the majority of MySQL users are not aware of this
limitation and that the issue should be treated as a vulnerability.

The vulnerability lies within the behaviour of the '--ssl' client option,
which on affected versions it is being treated as "advisory". Therefore while
the option would attempt an SSL/TLS connection to be initiated towards a
server, it would not actually require it. This allows a MITM attack to
transparently "strip" the SSL/TLS protection.

The issue affects the ssl client option whether used directly or triggered
automatically by the use of other ssl options ('--ssl-xxx') that imply
'--ssl'.

Such behavior is clearly indicated in MySQL reference manual as follows:

  For the server, this option specifies that the server permits but does not require
  SSL connections.

  For a client program, this option permits but does not require the client to
  connect to the server using SSL. Therefore, this option is not sufficient in
  itself to cause an SSL connection to be used. For example, if you specify this
  option for a client program but the server has not been configured to permit
  SSL connections, an unencrypted connection is used.

In a similar manner to the new '--ssl' option behaviour, users of the MySQL
client library (Connector/C, libmysqlclient), as of MySQL 5.7.3, can take
advantage of the MYSQL_OPT_SSL_ENFORCE option to enforce SSL/TLS connections.

The vulnerability also affects the MySQL forks MariaDB and Percona Server, as
the relevant 5.7.3 patch has not been pulled, at the time of this advisory, in
their respective stable versions.

Affected version:

MySQL <= 5.7.2

MySQl Connector/C (libmysqlclient) < 6.1.3

Percona Server, all versions

MariaDB, all versions

Fixed version:

MySQL >= 5.7.3

MySQl Connector/C (libmysqlclient) >= 6.1.3

Percona Server, N/A

MariaDB, N/A

Credit: vulnerability report from Adam Goodman, Principal Security Architect
at Duo Security.

CVE: CVE-2015-3152 (MariaDB, Percona)

Timeline:

2015-03-20: vulnerability report received
2015-03-23: contacted Oracle Security
2015-04-04: oCERT sets embargo date to April 29th
2015-04-20: reporter confirms MariaDB is affected
2015-04-22: contacted MariaDB and affected vendors, assigned CVEs
2015-04-23: contacted Percona
2015-04-29: advisory release

References:
https://github.com/mysql/mysql-server/commit/3bd5589e1a5a93f9c224badf983cd65c45215390
http://mysqlblog.fivefarmers.com/2014/04/02/redefining-ssl-option
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-3.html
https://mariadb.atlassian.net/browse/MDEV-7937
https://bugs.launchpad.net/percona-server/+bug/1447527

Permalink:
http://www.ocert.org/advisories/ocert-2015-003.html



@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-05 16:53:36 UTC
ping.

MariaDB is already fixed in tree, I can't find any related info for Percona.

MySQLConnector seems to be fixed and stable in tree.

MySQL still needs a version bump, first fixed version is 5.7.3 and we have 5.6.37 in tree.

@Maintainers could you please confirm and bump a new version if necessary?

Gentoo Security Padawan
ChrisADR
Comment 2 Brian Evans Gentoo Infrastructure gentoo-dev 2017-10-05 17:09:35 UTC
(In reply to Christopher Díaz from comment #1)
> ping.
> 
> MariaDB is already fixed in tree, I can't find any related info for Percona.
> 
> MySQLConnector seems to be fixed and stable in tree.
> 
> MySQL still needs a version bump, first fixed version is 5.7.3 and we have
> 5.6.37 in tree.
> 
> @Maintainers could you please confirm and bump a new version if necessary?
> 
> Gentoo Security Padawan
> ChrisADR

MySQL 5.7 will not be entering the tree any time soon.
Are you sure that 5.6.37 doesn't have this fix?  It is still security supported.
Comment 3 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-05 17:20:13 UTC
From:
 
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-3.html#mysqld-5-7-3-security


>Incompatible Change: Previously, the --ssl option has been treated as advisory: 
>When given, an encrypted connection was permitted but not required. Also, several 
>other --ssl-xxx options implied --ssl. Because of this, the option was usually not 
>used explicitly as --ssl, but in its negated form as --ssl=0, which prevents use 
>of encryption. This was true on both the client and server sides, and true for any 
>synonyms of --ssl (--ssl=1, --enable-ssl) or --ssl=0 (--skip-ssl, --disable-ssl).


>Now the meaning of --ssl has changed on the client-side only. (There are no 
>secure-connection changes on the server side.)

Seems it was not backported.

Gentoo Security Padawan
ChrisADR
Comment 4 Brian Evans Gentoo Infrastructure gentoo-dev 2017-10-05 17:38:28 UTC
(In reply to Christopher Díaz from comment #3)
> From:
>  
> https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-3.html#mysqld-5-7-3-
> security
> 
> 
> >Incompatible Change: Previously, the --ssl option has been treated as advisory: 
> >When given, an encrypted connection was permitted but not required. Also, several 
> >other --ssl-xxx options implied --ssl. Because of this, the option was usually not 
> >used explicitly as --ssl, but in its negated form as --ssl=0, which prevents use 
> >of encryption. This was true on both the client and server sides, and true for any 
> >synonyms of --ssl (--ssl=1, --enable-ssl) or --ssl=0 (--skip-ssl, --disable-ssl).
> 
> 
> >Now the meaning of --ssl has changed on the client-side only. (There are no 
> >secure-connection changes on the server side.)
> 
> Seems it was not backported.
> 
> Gentoo Security Padawan
> ChrisADR

I disagree with 5.6.36 Release Notes.

The mysql_options() C API function now supports a MYSQL_OPT_SSL_MODE option. The only permitted option value is SSL_MODE_REQUIRED, to require an encrypted connection to the server. It causes mysql_real_connect() to fail if an encrypted connection cannot be obtained, without falling back to an unencrypted connection. Thus, mysql_real_connect() returns an error if the server does not support SSL or the client is not configured to use SSL. The client/server exchange terminates immediately after the initial server packet has been received if the server indicates that it does not support SSL.

To require an encrypted connection in MySQL 5.6, the standard MySQL client programs call mysql_options() to set MYSQL_OPT_SSL_MODE if the --ssl-mode=REQUIRED command-line option was specified. Third-party applications that must be able to require encrypted connections can use the same technique. For details, see mysql_ssl_set().
Comment 5 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-05 17:49:03 UTC
Awesome,

As this report is about percona-server and the current version is 5.6.37.x are we ready to mark it as resolved?

Thank you very much.

Gentoo Security Padawan
ChrisADR