OpenSSL: Information Disclosure — GLSA 201404-07

Multiple Information Disclosure vulnerabilities in OpenSSL allow remote attackers to obtain sensitive information via various vectors.

Affected Packages

dev-libs/openssl on all architectures
Affected versions < 1.0.1g
Unaffected versions >= 1.0.1g, revision >= 0.9.8y, revision >= 0.9.8z_p1, revision >= 0.9.8z_p2, revision >= 0.9.8z_p3, revision >= 0.9.8z_p4, revision >= 0.9.8z_p5, revision >= 0.9.8z_p6, revision >= 0.9.8z_p7, revision >= 0.9.8z_p8, revision >= 0.9.8z_p9, revision >= 0.9.8z_p10, revision >= 0.9.8z_p11, revision >= 0.9.8z_p12, revision >= 0.9.8z_p13, revision >= 0.9.8z_p14, revision >= 0.9.8z_p15

Background

OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library.

Description

Multiple vulnerabilities have been found in OpenSSL:

  • OpenSSL incorrectly handles memory in the TLS heartbeat extension, leading to information disclosure of 64kb per request, possibly including private keys (“Heartbleed bug”, OpenSSL 1.0.1 only, CVE-2014-0160).
  • The Montgomery ladder implementation of OpenSSL improperly handles swap operations (CVE-2014-0076).

Impact

A remote attacker could exploit these issues to disclose information, including private keys or other sensitive information, or perform side-channel attacks to obtain ECDSA nonces.

Workaround

Disabling the tls-heartbeat USE flag (enabled by default) provides a workaround for the CVE-2014-0160 issue.

Resolution

All OpenSSL users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.1g"
 

Note: All services using OpenSSL to provide TLS connections have to be restarted for the update to take effect. Utilities like app-admin/lib_users can aid in identifying programs using OpenSSL.

As private keys may have been compromised using the Heartbleed attack, it is recommended to regenerate them.

References

Release Date
April 08, 2014

Latest Revision
June 06, 2015: 4

Severity
normal

Exploitable
remote

Bugzilla entries