GHSA-52XF-5P2M-9WRV

Vulnerability from github – Published: 2024-06-06 14:26 – Updated: 2024-06-06 14:26
VLAI
Summary
s2n-tls has a potentially observable differences in RSA premaster secret handling
Details

When receiving a message from a client that sent an invalid RSA premaster secret, an issue in s2n-tls results in the server performing additional processing when the premaster secret contains an incorrect client hello version. While no practical attack on s2n-tls has been demonstrated, this causes a small timing difference which could theoretically be used as described in the Marvin Attack [1].

We would like to thank Hubert Kario [2] for reporting this issue.

Impact

The extent of this issue is a timing difference. No practical attack on s2n-tls has been demonstrated.

This issue affects server applications that permit RSA key exchange. Applications that use the default, built-in blinding feature or properly implement self-service blinding are not affected.

Impacted versions: <= v1.4.15.

Patches

The patch is included in v1.4.16 [3].

Workarounds

Applications can work around this issue by using an s2n-tls security policy that disallows RSA key exchange.

If you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [4] or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.

[1] https://people.redhat.com/~hkario/marvin/ [2] https://github.com/tomato42 [3] https://github.com/aws/s2n-tls/releases/tag/v1.4.16 [4] https://aws.amazon.com/security/vulnerability-reporting

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.2.6"
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "s2n-tls"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [],
  "database_specific": {
    "cwe_ids": [
      "CWE-203"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-06-06T14:26:18Z",
    "nvd_published_at": null,
    "severity": "LOW"
  },
  "details": "When receiving a message from a client that sent an invalid RSA premaster secret, an issue in s2n-tls results in the server performing additional processing when the premaster secret contains an incorrect client hello version. While no practical attack on s2n-tls has been demonstrated, this causes a small timing difference which could theoretically be used as described in the Marvin Attack [1].\n\nWe would like to thank Hubert Kario [2] for reporting this issue.\n\n\n### Impact\n\nThe extent of this issue is a timing difference. No practical attack on s2n-tls has been demonstrated.\n\nThis issue affects server applications that permit RSA key exchange. Applications that use the default, built-in blinding feature or properly implement self-service blinding are not affected.\n\nImpacted versions: \u003c= v1.4.15.\n\n\n### Patches\n\nThe patch is included in v1.4.16 [3].\n\n### Workarounds\n\nApplications can work around this issue by using an s2n-tls security policy that disallows RSA key exchange.\n\nIf you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [4] or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do not create a public GitHub issue.\n\n[1] https://people.redhat.com/~hkario/marvin/\n[2] https://github.com/tomato42\n[3] https://github.com/aws/s2n-tls/releases/tag/v1.4.16\n[4] https://aws.amazon.com/security/vulnerability-reporting",
  "id": "GHSA-52xf-5p2m-9wrv",
  "modified": "2024-06-06T14:26:18Z",
  "published": "2024-06-06T14:26:18Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/aws/s2n-tls/security/advisories/GHSA-52xf-5p2m-9wrv"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/s2n-tls/commit/114ccab0ff2cde491203ac841837d0d39b767412"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/aws/s2n-tls"
    },
    {
      "type": "WEB",
      "url": "https://github.com/aws/s2n-tls/releases/tag/v1.4.16"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "s2n-tls has a potentially observable differences in RSA premaster secret handling"
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…