OpenSSL fixes another severe vulnerability

Summary:[UPDATED] Still cleaning up after the Heartbleed debacle, OpenSSL is issuing fixes for several vulnerabilities, one of them exploitable to run arbitrary code on the client or server.

The OpenSSL project has reported fixes for several vulnerabilities, at least one of them serious.

The most significant vulnerability is SSL/TLS MITM vulnerability (CVE-2014-0224). Unlike Heartbleed, which had been introduced into the program not long before, affects all versions of OpenSSL, including those that were patched to fix Heartbleed.

All client versions of OpenSSL are vulnerable. OpenSSL servers are only known to be vulnerable in versions 1.0.1 and 1.0.2-beta1. The bug was discovered by KIKUCHI Masashi (Lepidum Co. Ltd.) and reported to OpenSSL on May 1 via JPCERT/CC. Kikuchi has published his own explanation of the bug.

OpenSSL provides this advice:

  • OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8za
  • OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0m
  • OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1h

[UPDATE: Google's Adam Langley has written an analysis of the bug. As he notes: "... these attacks need man-in-the-middle position against the victim and that non-OpenSSL clients (IE, Firefox, Chrome on Desktop and iOS, Safari etc) aren't affected. None the less, all OpenSSL users should be updating." He adds (on Twitter) that Chrome on Android does use OpenSSL, but he has not confirmed that it is vulnerable.]

[UPDATE 2: Google has released a new version of Chrome for Android, incrementing the OpenSSL version used in it to 1.0.1h.]

The same updates fix several less-serious issues:

  • DTLS invalid fragment vulnerability (CVE-2014-0195) — A buffer overrun, potentially exploitable to run arbitrary code on the system.
  • DTLS recursion flaw (CVE-2014-0221) — Denial of service
  • SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198) — Denial of service
  • SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298) — Cross-section data injection or denial of service
  • Anonymous ECDH denial of service (CVE-2014-3470) — Denial of service
  • Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack (CVE-2014-0076) — Previously fixed in version 1.0.1g, this update fixes it in the 1.0.0 and 0.9.8 code branches.

Topics: Security

About

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.