FREAK: OpenSSL vulnerability (CVE-2015-0204)
In January 2015, Red Hat Product Security addressed the CVE-2015-0204 vulnerability in OpenSSL with this advisory: RHSA-2015-0066 and RHSA-2015-0800. The vulnerability was rated as having a Moderate impact. This vulnerability is now being referred to as FREAK in the press.
Background Information
OpenSSL clients accepted EXPORT-grade (insecure) keys even when the client had not initially asked for them. This could be exploited using a man-in-the-middle attack, which would intercept the client's initial request for a standard key and ask the server for an EXPORT-grade key. The client would then accept the weak key, allowing the attacker to factor it and decrypt communication between the client and the server.
Impact
While the use of EXPORT-grade ciphers is disabled by default in OpenSSL shipped with the latest versions of Red Hat Enterprise Linux (5.11, 6.6 and 7.1), it can be enabled by applications that utilize the OpenSSL library. For this reason, the vulnerability is considered to affect all Red Hat Enterprise Linux 5, 6 and 7 systems, including the Server, Workstation, Desktop, and HPC Node variants, that have not installed the fixed version of OpenSSL packages.
The version of openssl097a as shipped with Red Hat Enterprise Linux 5 is also affected. As Red Hat Enterprise Linux 5 is now in the Production 3 phase of the support and maintenance life cycle, during which only Critical security advisories are provided, this issue is currently not planned to be addressed in future updates.
Resolution
To eliminate the possibility of exploitation of OpenSSL clients, install the updated OpenSSL packages that have been made available through this advisory: RHSA-2015-0066 and RHSA-2015-0800.
To install the updates, use the yum package manager as follows:
yum update
To only update the OpenSSL package and its dependencies, use:
yum update openssl
Note: To ensure that unpatched clients connecting to an OpenSSL server cannot be exploited with this flaw, it is recommended to disable EXPORT-grade ciphers on the server as described in the Mitigation section below.
Note: Rebooting the system after updating is the safest way to ensure all affected services use updated ssl library. See also following sub-section bellow if you want to avoid reboot.
Restarting Processes for the Changes to Take Effect
As was mentioned above, the safest and simplest course of action is to perform a full system reboot. Alternatively, to restart affected services, see the following examples of steps:
How to determine which processes need to be restarted
To list affected services, grep for DEL by running the lsof command as follows:
# lsof | grep DEL | grep -e crypto -e libssl
sshd 7708 root DEL REG 253,0 139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- sshd service
certmonge 7940 root DEL REG 253,0 139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- certmonger service
Xorg 7986 root DEL REG 253,0 139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- Xwindows service
sshd 8990 root DEL REG 253,0 139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- used by ssh login with bash shell
master 7796 root DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
^^^--- postfix service
qmgr 7809 postfix DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
^^^--- postfix service
tuned 7866 root DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
^^^--- tuned service
pickup 9501 postfix DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
^^^--- postfix service
httpd 9524 root DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
^^^--- httpd service
httpd 9526 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9527 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9528 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9529 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9530 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9531 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9532 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9533 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9534 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
httpd 9535 apache DEL REG 253,0 140068 /usr/lib64/libssl.so.1.0.1e
To restart services managed by chkconfig:
# service sshd restart
# service certmonger restart
# service postfix restart
# service tuned restart
# service httpd restart
To restart Xorg:
# init 3
# lsof | grep DEL | grep -e crypto -e libssl
# init 5
Then check again and to remove the last list, please log out:
# lsof | grep ssl | grep lib | grep DEL
sshd 8990 root DEL REG 253,0 139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- used by current ssh login with bash shell
# logout
Mitigation for unpatched clients
To mitigate the vulnerability described in this article, you may also disable EXPORT-grade ciphers in your client or server. Doing so on the server is recommended, especially when you cannot ensure that all clients connecting to your server have been patched.
Disabling EXPORT ciphers in httpd
To disallow the use of EXPORT-grade ciphers by the httpd web server, add the !EXP directive to the SSLCipherSuite line in the /etc/httpd/conf.d/ssl.conf configuration file. For example:
SSLCipherSuite HIGH:!aNULL:!MD5:!EXP
After modifying ssl.conf, you need to restart httpd service.
# service httpd restart
Comments