Is my Red Hat product affected by the Encrypt-Then-Mac renegotiation crash OpenSSL CVE-2017-3733?
Environment
- All current Red Hat Products
Issue
- Is my Red Hat product affected by CVE-2017-3733?
- Can I get patches for CVE-2017-3733?
- What are the details around the Encrypt-Then-Mac renegotiation crash?
Resolution
This issue does not affect OpenSSL as shipped with current Red Hat products
This reported issue affects upstream packages of OpenSSL 1.1.0*, and is fixed in the upstream 1.1.0e version.
Root Cause
On February 16, 2017, OpenSSL released fixes including those that included patches for CVE-2017-3733.
It was found that changing the ciphersuite during a renegotiation of the Encrypt-Then-Mac extension could result in a crash of the OpenSSL 1.1.0 server or client.
The problem was caused by changing the flag indicating whether to use ETM or not immediately on negotiation of ETM, rather than at CCS. Therefore, during a renegotiation, if the ETM state is changing (usually due to a change of ciphersuite), then an error/crash will occur. Due to the fact that there are separate CCS messages for read and write two flags are needed to determine whether to use ETM or not.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments