FREAK: OpenSSL vulnerability (CVE-2015-0204)

In January 2015, Red Hat Product Security addressed the CVE-2015-0204 vulnerability in OpenSSL with this advisory: RHSA-2015-0066 and RHSA-2015-0800. The vulnerability was rated as having a Moderate impact. This vulnerability is now being referred to as FREAK in the press.

Background Information

OpenSSL clients accepted EXPORT-grade (insecure) keys even when the client had not initially asked for them. This could be exploited using a man-in-the-middle attack, which would intercept the client's initial request for a standard key and ask the server for an EXPORT-grade key. The client would then accept the weak key, allowing the attacker to factor it and decrypt communication between the client and the server.

Impact

While the use of EXPORT-grade ciphers is disabled by default in OpenSSL shipped with the latest versions of Red Hat Enterprise Linux (5.11, 6.6 and 7.1), it can be enabled by applications that utilize the OpenSSL library. For this reason, the vulnerability is considered to affect all Red Hat Enterprise Linux 5, 6 and 7 systems, including the Server, Workstation, Desktop, and HPC Node variants, that have not installed the fixed version of OpenSSL packages.

The version of openssl097a as shipped with Red Hat Enterprise Linux 5 is also affected. As Red Hat Enterprise Linux 5 is now in the Production 3 phase of the support and maintenance life cycle, during which only Critical security advisories are provided, this issue is currently not planned to be addressed in future updates.

Resolution

To eliminate the possibility of exploitation of OpenSSL clients, install the updated OpenSSL packages that have been made available through this advisory: RHSA-2015-0066 and RHSA-2015-0800.

To install the updates, use the yum package manager as follows:

yum update

To only update the OpenSSL package and its dependencies, use:

yum update openssl

Note: To ensure that unpatched clients connecting to an OpenSSL server cannot be exploited with this flaw, it is recommended to disable EXPORT-grade ciphers on the server as described in the Mitigation section below.

Note: Rebooting the system after updating is the safest way to ensure all affected services use updated ssl library. See also following sub-section bellow if you want to avoid reboot.

Restarting Processes for the Changes to Take Effect

As was mentioned above, the safest and simplest course of action is to perform a full system reboot. Alternatively, to restart affected services, see the following examples of steps:

How to determine which processes need to be restarted

To list affected services, grep for DEL by running the lsof command as follows:

# lsof | grep DEL | grep -e crypto -e libssl

sshd      7708      root  DEL       REG              253,0              139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- sshd service
certmonge 7940      root  DEL       REG              253,0              139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- certmonger service
Xorg      7986      root  DEL       REG              253,0              139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- Xwindows service
sshd      8990      root  DEL       REG              253,0              139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- used by ssh login with bash shell
master    7796      root  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
^^^--- postfix service
qmgr      7809   postfix  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
^^^--- postfix service
tuned     7866      root  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
^^^--- tuned service
pickup    9501   postfix  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
^^^--- postfix service
httpd     9524      root  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
^^^--- httpd service
httpd     9526    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9527    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9528    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9529    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9530    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9531    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9532    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9533    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9534    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e
httpd     9535    apache  DEL       REG              253,0              140068 /usr/lib64/libssl.so.1.0.1e

To restart services managed by chkconfig:

# service sshd restart
# service certmonger restart
# service postfix restart
# service tuned restart
# service httpd restart

To restart Xorg:

# init 3
# lsof | grep DEL | grep -e crypto -e libssl
# init 5

Then check again and to remove the last list, please log out:

# lsof | grep ssl | grep lib | grep DEL
sshd      8990      root  DEL       REG              253,0              139948 /usr/lib64/libcrypto.so.1.0.1e
^^^--- used by current ssh login with bash shell
# logout

Mitigation for unpatched clients

To mitigate the vulnerability described in this article, you may also disable EXPORT-grade ciphers in your client or server. Doing so on the server is recommended, especially when you cannot ensure that all clients connecting to your server have been patched.

Disabling EXPORT ciphers in httpd

To disallow the use of EXPORT-grade ciphers by the httpd web server, add the !EXP directive to the SSLCipherSuite line in the /etc/httpd/conf.d/ssl.conf configuration file. For example:

SSLCipherSuite HIGH:!aNULL:!MD5:!EXP

After modifying ssl.conf, you need to restart httpd service.

# service httpd restart

Additional Information

Red Hat Security Blog on CVE-2015-0204

Comments