[NetBSD] Schwachstelle in der SHA2 Implementierung

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Liebe Kolleginnen und Kollegen,

soeben erreichte uns nachfolgende Warnung des NetBSD Security
Officers.Wir geben diese Informationen unveraendert an Sie weiter.

Buffer Overflow in der NetBSD SHA2 Implementierung

In Programmen, die die NetBSD SHA2 Implementierung (sys/sha2.h)
verwenden, laesst sich ein Buffer Overflow um 4 (SHA256) bzw. 8 Bytes
(SHA512) ausloesen, falls das Programm gleichzeitig die libcrypto
einbindet. Der Ueberlauf findet zur Initialisierung der Hashfunktion
(SHA256_Init) statt. Angreifer koennen diese Schwachstelle dazu
ausnutzen, betroffene Programme zum Absturz zu bringen (Denial of
Service).

Im NetBSD Grundsystem sind unter anderem die libssh Bibliothek (und
damit SSH Server und Client) sowie das pkg_install Framework
betroffen.

Betroffen sind die folgenden Software Pakete und Plattformen:

NetBSD Versionen for den folgenden Erscheinungsdaten:
NetBSD-current: May 26, 2009
NetBSD-5-0 branch: Jul 11, 2009
NetBSD-5 branch: Jul 11, 2009
NetBSD-4-0 branch: Jul 22, 2009
NetBSD-4 branch: Jul 22, 2009

Vom Hersteller werden ueberarbeitete Pakete zur Verfuegung gestellt.

Hersteller Advisory:
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-012.txt.asc

(c) der deutschen Zusammenfassung bei DFN-CERT Services GmbH; die
Verbreitung, auch auszugsweise, ist nur unter Hinweis auf den Urheber,
DFN-CERT Services GmbH, und nur zu nicht kommerziellen Zwecken
gestattet.

Mit freundlichen Gruessen,
Klaus Moeller, DFN-CERT

– —
Dipl. Inform. Klaus Moeller (Incident Response Team)
Phone: +49 40 808077-555, Fax: +49 40 808077-556

DFN-CERT Services GmbH, https://www.dfn-cert.de, Phone +49 40 808077-555
Sitz / Register: Hamburg, AG Hamburg, HRB 88805, Ust-IdNr.: DE 232129737
Sachsenstrase 5, 20097 Hamburg/Germany, CEO: Dr. Klaus-Peter Kossakowski

– —–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

NetBSD Security Advisory 2009-012
=================================

Topic: SHA2 implementation potential buffer overflow

Version: NetBSD-current: affected prior to 2009-05-26
NetBSD 5.0: affected
NetBSD 4.0.*: affected
NetBSD 4.0: affected

Severity: Denial of Service

Fixed: NetBSD-current: May 26, 2009
NetBSD-5-0 branch: Jul 11, 2009
NetBSD-5 branch: Jul 11, 2009
NetBSD-4-0 branch: Jul 22, 2009
NetBSD-4 branch: Jul 22, 2009

Please note that NetBSD releases prior to 4.0 are no longer supported.
It is recommended that all users upgrade to a supported release.

Abstract
========

An error initializing a SHA2 context causes vulnerable applications using
libcrypto to suffer from a 4- or 8-byte buffer overflow (for SHA256 and
SHA512 correspondingly) with fixed content, potentially causing
applications to crash.

Technical Details
=================

A program using the SHA2 implementation from sys/sha2.h in NetBSD and
linking against libcrypto is vulnerable to a 4- or 8-byte buffer
overflow (for SHA256 and SHA512 correspondingly) with fixed content.

The overflow occurs at the time the hash init function is called (e.g.
SHA256_Init). The init functions then pass the wrong size for the
context as an argument to the memset function which then overwrites
4 bytes of the memory buffer located after the one holding the context.

In the NetBSD base system, this affects the libssh library as well as
the pkg_install framework. In libssh, the overflow occurs on the heap
of the program using it, in pkg_install a stack overflow occurs.

Solutions and Workarounds
=========================

A workaround for this issue for programs in the NetBSD base system
is to disable SHA256 as a HMAC for the secure shell and to avoid
using the audit facility as well as signed packages.

To determine whether or not a package is signed, run the command

% tar tzf package.tgz

on the package. If the first file of the package is +PKG_HASH,
then the package is signed.

The following instructions describe how to upgrade your libcrypto
and libc binaries by updating your source tree and rebuilding and
installing a new version of the three facilities.

* NetBSD-current:

Systems running NetBSD-current dated from before 2009-05-26
should be upgraded to NetBSD-current dated 2009-05-27 or later.

The following files/directories need to be updated from the
netbsd-current CVS branch (aka HEAD):
common/lib/libc/hash/sha2
distrib/sets/lists
lib/libc
lib/libcrypto
sys/sys

To update from CVS, re-build, and re-install lorem:
# cd src
# cvs update -d -P common/lib/libc/hash/sha2
# cvs update -d -P distrib/sets/lists
# cvs update -d -P lib/libc
# cvs update -d -P lib/libcrypto
# cvs update -d -P sys/sys
# cd sys/sys
# make USETOOLS=no cleandir
# make USETOOLS=no includes
# cd ../../lib/libc
# make USETOOLS=no cleandir dependall
# make USETOOLS=no install
# cd ../libcrypt
# make USETOOLS=no cleandir dependall
# make USETOOLS=no install
# cd ../libcrypto
# make USETOOLS=no cleandir dependall
# make USETOOLS=no install

* NetBSD 5.*:

Systems running NetBSD 5.* sources dated from before
2009-07-11 should be upgraded from NetBSD 5.* sources dated
2009-07-12 or later.

The following files/directories need to be updated from the
netbsd-5 or netbsd-5-0 branches:
common/lib/libc/hash/sha2
distrib/sets/lists
lib/libc
lib/libcrypto
sys/sys

To update from CVS, re-build, and re-install libc and libcrypto:

# cd src
# cvs update -r -d -P common/lib/libc/hash/sha2
# cvs update -r -d -P distrib/sets/lists
# cvs update -r -d -P lib/libc
# cvs update -r -d -P lib/libcrypto
# cvs update -r -d -P sys/sys
# cd sys/sys
# make USETOOLS=no cleandir
# make USETOOLS=no includes
# cd ../../lib/libc
# make USETOOLS=no cleandir dependall
# make USETOOLS=no install
# cd ../libcrypt
# make USETOOLS=no cleandir dependall
# make USETOOLS=no install
# cd ../libcrypto
# make USETOOLS=no cleandir dependall
# make USETOOLS=no install

* NetBSD 4.*:

Systems running NetBSD 4.* sources dated from before
2009-07-22 should be upgraded from NetBSD 4.* sources dated
2009-07-23 or later.

The following files/directories need to be updated from the
netbsd-4 or netbsd-4-0 branches:
common/lib/libc/hash/sha2
distrib/sets/lists
lib/libc
lib/libcrypto
sys/sys

To update from CVS, re-build, and re-install libc and libcrypto:

Thanks To
=========

Joerg Sonnenberger for finding, reporting and fixing the issue.

Revision History
================

2009-07-28 Initial release

More Information
================

Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP signed) can be found at
http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2009-012.txt.asc

Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.org/ and http://www.NetBSD.org/Security/.

$NetBSD: NetBSD-SA2009-012.txt,v 1.1 2009/07/28 18:29:29 tonnerre Exp $

– —–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.9 (NetBSD)

iQIcBAEBAgAGBQJKb0ijAAoJEAZJc6xMSnBuBEEP+wa1ybcKmHkq16evmfBdGIpM
9Z7fVSvx5fDHMvUDGKL5tST/CIoRU379yiBIj/VS0tlUV9TLo1TPdrLO9XON0ara
CaIP3DK766+hjya0PwuVuy8yVhUQ6Dz2rKTBjSpmz38qv8RfvR4G6iwF3W6YNvNu
pF3vjEJIbQdT6Fen3pzb4D9aiQ6SvEZdknGGR2HmebY2ig4un+bsIJc3x+Iv87Iw
qpuJ6KQSnfLxx5qFVO5Sax8SNdL3VmQQcFhVgO3tg/ddcFUVwngXS2Wg9ChczQWt
7wM7OVwXOL1Vr0s2NcRlsIppHXvKRQxu54CuEQM6gsPcleJhsBVFo9/AbeSw4SAx
rLiR/jQ6vsC9/28ZpKGQkrtnf5fxP2R7uQIN2nylCiB+s5UDmAHAYTt1tSTMt4ou
+xgCX0OnE9iB68FoJYq1YjHMc3n4GclJz3lijXsRBzgGaSHZJc3ywYtO6puS8yUI
mXKWPdGthCDVXWiKUOBZYcuS4dv7RoA+VhI3Q1P/kwFQ9xXqb9XWSQYmLycxleA8
BjjSEuIlw5tdAnufDJA8ZRXl4gP0qhrKfPtyYkLUj6pezcyPU1QD61yK0euMr3sq
lO97lYhYqtc2gMJaOgVYoHUqbsemuRNEOdHMBeqIoC8MYYH5La6Tuub26Dwz7eDV
Mxw6htX0zEm1S/1ld7ne
=GZuc
– —–END PGP SIGNATURE—–
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFKcF93k0kIxZMiiQ8RAji5AJ9ArBj8CKvQ4tZ8MG2bBYMhWVHNCgCg0SeY
goJF1bHsST+QD+ehjDpM/UU=
=aDVd
—–END PGP SIGNATURE—–

[NetBSD] Schwachstelle in der SHA2 Implementierung - NetBSD-SA2009-012

LMP003 Chemnitzer Linux-Tage 2026

[NetBSD] Schwachstelle in der SHA2 Implementierung – NetBSD-SA2009-012

[NetBSD] Schwachstelle in der SHA2 Implementierung - NetBSD-SA2009-012