| Summary: | mbedtls new security issues CVE-2019-16910, CVE-2019-18222 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | andrewsfarm, sysadmin-bugs, tarazed25 |
| Version: | 7 | Keywords: | advisory, has_procedure, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA7-64-OK | ||
| Source RPM: | mbedtls-2.16.2-1.mga8.src.rpm | CVE: | |
| Status comment: | Fixed upstream in 2.16.4 | ||
Description
David Walser
2019-12-26 03:26:38 CET
David Walser
2019-12-26 03:26:45 CET
Whiteboard:
(none) =>
MGA7TOO
David Walser
2020-01-14 17:39:24 CET
Status comment:
(none) =>
Fixed upstream in 2.16.3

New advisory for security issue fixed in 2.16.4 (CVE-2019-18222):
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12

I will upgrade to 2.16.4 for both Mageia 7 and Cauldron.

Status comment:
Fixed upstream in 2.16.3 =>
Fixed upstream in 2.16.4

Advisory:
=========

Updated mbedtls packages fix security vulnerabilities

This update from mbedTLS 2.16.2 to mbedTLS 2.16.4 fixes several security vulnerabilities, among which:

The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to implement blinding. Because of this for the same key and message the same blinding value was generated. This reduced the effectiveness of the countermeasure and leaked information about the private key through side channels (CVE-2019-16910).

Fix side channel vulnerability in ECDSA. Our bignum implementation is not constant time/constant trace, so side channel attacks can retrieve the blinded value, factor it (as it is smaller than RSA keys and not guaranteed to have only large prime factors), and then, by brute force, recover the key (CVE-2019-18222).

See release notes for details.

References:
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.3-and-2.7.12-released
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.4-and-2.7.13-released
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12

RPMs in core/updates_testing:
=============================
mbedtls-2.16.4-1.mga7
lib64mbedtls12-2.16.4-1.mga7
lib64mbedx509_0-2.16.4-1.mga7
lib64mbedcrypto3-2.16.4-1.mga7
lib64mbedtls-devel-2.16.4-1.mga7

SRPM in core/updates_testing:
=============================
mbedtls-2.16.4-1.mga7

Testing procedure:
==================

This can be tested via the SSL support feature of applications using mbedtls, notably:
- dolphin-emu
- godot
- hiawatha
- obs-studio

mbedtls will be used when e.g. resolving a HTTPS URL. In Godot, this can be done by browsing its Asset Library (all images and descriptions should be served over HTTPS).

Whiteboard:
MGA7TOO =>
(none)

Mageia7, x86_64

Installed godot and hiawatha. Installed the five packages then updated them from testing repositories. Noted that godot was listed in updates testing but left it at version 3.1.1-1.

Opened the project manager in godot and then the assets library. Selected one of the sample demos, downloaded it and installed it in a user folder. Exited from the full-screen editor and closed down. Hopefully that is enough to validate godot and mbedtls.

Stopped apache and started hiawatha. Status checks were good. Pointed browser at localhost:80/ to display the Hiawatha "Installation successful" message. Browsed a little. No problems with https sites.

Giving this the OK, and thanks Rémi for the procedure.

CC:
(none) =>
tarazed25
Len Lawrence
2020-01-27 10:50:25 CET
Whiteboard:
(none) =>
MGA7-64-OK

Thank you both, Gentlemen. Validating. Advisory in Comment 2.

Keywords:
(none) =>
validated_update
Lewis Smith
2020-01-27 18:48:22 CET
Keywords:
(none) =>
advisory

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0053.html

Resolution:
(none) =>
FIXED

Fedora has issued an advisory for the newer issue on February 19:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/