Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 18 Nov 2015 20:54:45 +0000
From: Tristan Cacqueray <tdecacqu@...hat.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: Re: Re: CVE request for vulnerability in OpenStack
 Glance

On 11/18/2015 02:11 PM, cve-assign@...re.org wrote:
>> Glance computes cryptographic signature using MD5 hash of the
>> image. By crafting a malicious image that produces a MD5 collision, a
>> Glance backend operator may subvert the signature verification process,
>> resulting in a corrupted image.
> 
>> https://launchpad.net/bugs/1516031
> 
> Use CVE-2015-8234.
> 
Thank you.

> We're willing to let the OpenStack VMT have CVEs for mostly arbitrary
> types of issues that they want OpenStack customers to treat as
> vulnerabilities.
> http://specs.openstack.org/openstack/glance-specs/specs/liberty/image-signing-and-verification-support.html
> possibly suggests that the behavior represents an intended
> intermediate step of feature development: "An alternative to using the
> existing MD5 hash algorithm is to create a separate configurable hash
> for use with verifying/creating the signature. However, creating a
> separate hash negatively affects the performance, without providing
> much benefit. Note that since there are preferable hash algorithms to
> MD5 that are more secure, a separate change is being proposed to allow
> for the configuring of this hash algorithm. This will not be included
> as a part of this change, in the interest of having a straightforward
> initial implementation." If so, then we think vendors typically
> wouldn't want CVEs in these types of situations, unless the
> intermediate step actually made something worse than before the
> feature development started.
> 
This is indeed a corner case, though since glance 11.0.0 is shipping a
broken image verification procedure, it seemed appropriate to assign
this bug a CVE number.

Regards,

--
Tristan Cacqueray
OpenStack Vulnerability Management Team


Download attachment "signature.asc" of type "application/pgp-signature" (474 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.