Red Hat Product Security has been made aware of a vulnerability affecting all versions of OpenSSL shipped with Red Hat products, which has been assigned CVE-2014-0224 and could allow for a man-in-the-middle attack against an encrypted connection. The vulnerability has been named OpenSSL CCS Injection.
This issue was publicly disclosed on June 5th, 2014 and has been rated as Important.
It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server.
SSL/TLS connections typically allow for encrypted traffic to pass between two parties where only the intended senders and recipients can decrypt data. In the event of a man-in-the-middle attack, an attacker could intercept an encrypted data stream allowing them to decrypt, view and then manipulate said data.
The vulnerability can only be exploited if both server and client are vulnerable to this issue. In the event that one of the two is vulnerable, there is no risk of exploitation.
NOTE: This vulnerability cannot be used to extract server or client side key material. This means that existing signed certificates do not need replacement once software is updated.
Frequently Asked Questions
This FAQ is for the vulnerability CVE-2014-0224 in OpenSSL, also known as "CCS Injection".
Is this issue the same as HeartBleed?
No, this a new issue discovered in OpenSSL that could result in a man-in-the-middle attack. See the explanation above for full details.
Is this issue worse than HeartBleed?
HeartBleed allowed anyone on the internet to exploit vulnerable servers. This issue requires an attacker to intercept and alter network traffic in real time in order to exploit the flaw. This reduces the risk that this vulnerability can be exploited but does not make it impossible, updating should be a primary remediation focus regardless of the difficulty in leveraging the exploit.
Do I need to regenerate any certificates?
No, this issue does not result in certificate or private key information leaking.
How can I tell if I'm vulnerable to this issue? Is it possible to test remotely for the presence of this issue?
All versions of OpenSSL are vulnerable to this issue. Review the relevant solution for your product:
Red Hat Enterprise Linux
Red Hat Enterprise Virtualization
Red Hat JBoss Middleware
Red Hat Storage
Red Hat Access Labs has released the CCS Injection Detector to you validate your systems have been patched against this vulnerability.
How can I verify the update is working properly?
You can use the Access Labs CCS Injection Detector to verify the update has been applied successfully.
Is there a way to mitigate this issue without an update?
There is no known mitigation for this issue. The only way to fix it is to install updated OpenSSL packages and restart affected services.
Does this issue affect other TLS libraries?
Red Hat has reviewed the NSS and GnuTLS libraries for this issue. We have determined that these libraries are not affected by this specific issue.
Do I need to update my OpenSSL package, even if I am not running version 1.0.1?
Red Hat suggests everyone updates their OpenSSL packages regardless of the version they are using. See above for further details.
Is this issue being exploited in the wild?
At the time the issue was made public, we were not aware of any public exploits for this issue or that it is being exploited in the wild. We believe an exploit could be written for this issue, however exploitation requires the attacker to intercept and alter network traffic in real time.
When did Red Hat find out about this issue?
The OpenSSL team was notified about this issue on May 1, 2014, and contacted Red Hat and other OS distributions on June 2, 2014. This issue was made public on June 5, 2014.
What can an attacker actually do with this issue?
This issue could allow an attacker to conduct a man-in-the-middle attack against a vulnerable OpenSSL client communicating with a vulnerable OpenSSL server. The attacker could then potentially view or modify the secured traffic. The attacker would need a way to access network traffic between the communicating parties and alter it. This OpenSSL issue alone does not provide such level of access to network traffic.
Why do Red Hat's security advisories list multiple CVE IDs?
OpenSSL is fixing several issues with their latest update. Red Hat's updates fix the issues as relevant to our various versions of OpenSSL. This issue has been singled out as the most serious and we are providing additional information.
Red Hat recommends that customers conduct a risk-based prioritization analysis of their affected systems and immediately apply available patches to remediate the issue. Rebooting the system after updating is the safest way to ensure all affected services use the updated ssl library. If a reboot is not possible, restarting all network services that depend on openssl after applying the patches is required. This issue affects products using OpenSSL and all versions prior to those listed as updates for this issue are vulnerable to some degree. See the appropriate remediation article for specifics.
|Product/Channel||Affecting||Fixed in package||Remediation details|
|Red Hat Enterprise Linux 7||openssl-1.0.1e||openssl-1.0.1e-34.el7_0.3||Red Hat Enterprise Linux|
|Red Hat Enterprise Linux 6||openssl-1.0.1e||openssl-1.0.1e-16.el6_5.14||Red Hat Enterprise Linux|
|Red Hat Storage 2.1||openssl-1.0.1e||openssl-1.0.1e-16.el6_5.14||Red Hat Storage 2.1|
|Red Hat Enterprise Virtualization||openssl-1.0.1e||openssl-1.0.1e-16.el6_5.14||Red Hat Enterprise Virtualization|
|Red Hat Enterprise Linux 5||openssl-0.9.8e||openssl-0.9.8e-27.el5_10.3||Red Hat Enterprise Linux|
|Red Hat Enterprise Linux 4 Extended Lifecycle Support||openssl-0.9.7a||openssl-0.9.7a-43.22.el4||Red Hat Enterprise Linux|
|Red Hat Enterprise Linux 5.6 Long Life||openssl-0.9.8e||openssl-0.9.8e-12.el5_6.12||Red Hat Enterprise Linux|
|Red Hat Enterprise Linux 5.9 Extended Update Support||openssl-0.9.8e||openssl-0.9.8e-26.el5_9.4||Red Hat Enterprise Linux|
|Red Hat Enterprise Linux 6.2 Advanced Update Support||openssl-1.0.0||openssl-1.0.0-20.el6_2.7||Red Hat Enterprise Linux|
|Red Hat Enterprise Linux 6.3 Extended Update Support||openssl-1.0.0||openssl-1.0.0-25.el6_3.3||Red Hat Enterprise Linux|
|Red Hat Enterprise Linux 6.4 Extended Update Support||openssl-1.0.0||openssl-1.0.0-27.el6_4.4||Red Hat Enterprise Linux|
|Red Hat JBoss Middleware products||JBoss EAP 5.2||Red Hat JBoss Middleware|
|JBoss EAP 6.2 CP03 / 6.2 CP03|
|JBoss EWS 2.0.1|
|JBoss EWP 5.2|
Since any machine in the product classes listed above cannot determine whether a connection it makes as a client is to a vulnerable server the only prudent solution is to ensure that any machine running a vulnerable version is updated.