cvrf2cusa/cvrf/2021/cvrf-openEuler-SA-2021-1031.xml
Jia Chao 0b34274085 git mv
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-07-25 09:57:37 +08:00
<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
<DocumentTitle xml:lang="en">An update for freeradius is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1</DocumentTitle>
<DocumentType>Security Advisory</DocumentType>
<DocumentPublisher Type="Vendor">
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
<IssuingAuthority>openEuler security committee</IssuingAuthority>
</DocumentPublisher>
<DocumentTracking>
<Identification>
<ID>openEuler-SA-2021-1031</ID>
</Identification>
<Status>Final</Status>
<Version>1.0</Version>
<RevisionHistory>
<Revision>
<Number>1.0</Number>
<Date>2021-02-05</Date>
<Description>Initial</Description>
</Revision>
</RevisionHistory>
<InitialReleaseDate>2021-02-05</InitialReleaseDate>
<CurrentReleaseDate>2021-02-05</CurrentReleaseDate>
<Generator>
<Engine>openEuler SA Tool V1.0</Engine>
<Date>2021-02-05</Date>
</Generator>
</DocumentTracking>
<DocumentNotes>
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">freeradius security update</Note>
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for freeradius is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1.</Note>
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA or Triple A) management for users who connect and use a network service.\r\n\r\n
Security Fix(es):\r\n\r\n
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.(CVE-2019-13456)\r\n\r\n
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.(CVE-2019-17185)\r\n\r\n</Note>
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for freeradius is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1.\r\n\r\n
openEuler Security has rated this update as having a security impact of high. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.</Note>
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">High</Note>
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">freeradius</Note>
</DocumentNotes>
<DocumentReferences>
<Reference Type="Self">
<URL>https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1031</URL>
</Reference>
<Reference Type="openEuler CVE">
<URL>https://openeuler.org/en/security/cve/detail.html?id=CVE-2019-13456</URL>
<URL>https://openeuler.org/en/security/cve/detail.html?id=CVE-2019-17185</URL>
</Reference>
<Reference Type="Other">
<URL>https://nvd.nist.gov/vuln/detail/CVE-2019-13456</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2019-17185</URL>
</Reference>
</DocumentReferences>
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
<Branch Type="Product Name" Name="openEuler">
<FullProductName ProductID="openEuler-20.03-LTS" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">openEuler-20.03-LTS</FullProductName>
<FullProductName ProductID="openEuler-20.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">openEuler-20.03-LTS-SP1</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="aarch64">
<FullProductName ProductID="freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debuginfo-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-debuginfo-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debugsource-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-debugsource-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-devel-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-devel-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-help-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-help-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-krb5-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-krb5-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-ldap-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-ldap-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-mysql-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-mysql-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-perl-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-perl-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-postgresql-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-postgresql-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-sqlite-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-sqlite-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-utils-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-utils-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">python2-freeradius-3.0.15-21.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debuginfo-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-debuginfo-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debugsource-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-debugsource-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-devel-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-devel-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-help-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-help-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-krb5-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-krb5-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-ldap-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-ldap-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-mysql-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-mysql-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-perl-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-perl-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-postgresql-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-postgresql-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-sqlite-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-sqlite-3.0.15-22.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="freeradius-utils-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-utils-3.0.15-22.oe1.aarch64.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="src">
<FullProductName ProductID="freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-3.0.15-21.oe1.src.rpm</FullProductName>
<FullProductName ProductID="freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-3.0.15-22.oe1.src.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="x86_64">
<FullProductName ProductID="freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debuginfo-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-debuginfo-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debugsource-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-debugsource-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-devel-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-devel-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-help-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-help-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-krb5-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-krb5-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-ldap-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-ldap-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-mysql-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-mysql-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-perl-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-perl-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-postgresql-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-postgresql-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-sqlite-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-sqlite-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-utils-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">freeradius-utils-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS">python2-freeradius-3.0.15-21.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debuginfo-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-debuginfo-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-debugsource-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-debugsource-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-devel-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-devel-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-help-3.0.15-21" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-help-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-krb5-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-krb5-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-ldap-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-ldap-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-mysql-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-mysql-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-perl-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-perl-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-postgresql-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-postgresql-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-sqlite-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-sqlite-3.0.15-22.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="freeradius-utils-3.0.15-22" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">freeradius-utils-3.0.15-22.oe1.x86_64.rpm</FullProductName>
</Branch>
</ProductTree>
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.</Note>
</Notes>
<ReleaseDate>2021-02-05</ReleaseDate>
<CVE>CVE-2019-13456</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS</ProductID>
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>6.5</BaseScore>
<Vector>AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>freeradius security update</Description>
<DATE>2021-02-05</DATE>
<URL>https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1031</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.</Note>
</Notes>
<ReleaseDate>2021-02-05</ReleaseDate>
<CVE>CVE-2019-17185</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS</ProductID>
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.5</BaseScore>
<Vector>AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>freeradius security update</Description>
<DATE>2021-02-05</DATE>
<URL>https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1031</URL>
</Remediation>
</Remediations>
</Vulnerability>
</cvrfdoc>