GHSA-52XF-5P2M-9WRV
Vulnerability from github – Published: 2024-06-06 14:26 – Updated: 2024-06-06 14:26When receiving a message from a client that sent an invalid RSA premaster secret, an issue in s2n-tls results in the server performing additional processing when the premaster secret contains an incorrect client hello version. While no practical attack on s2n-tls has been demonstrated, this causes a small timing difference which could theoretically be used as described in the Marvin Attack [1].
We would like to thank Hubert Kario [2] for reporting this issue.
Impact
The extent of this issue is a timing difference. No practical attack on s2n-tls has been demonstrated.
This issue affects server applications that permit RSA key exchange. Applications that use the default, built-in blinding feature or properly implement self-service blinding are not affected.
Impacted versions: <= v1.4.15.
Patches
The patch is included in v1.4.16 [3].
Workarounds
Applications can work around this issue by using an s2n-tls security policy that disallows RSA key exchange.
If you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [4] or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.
[1] https://people.redhat.com/~hkario/marvin/ [2] https://github.com/tomato42 [3] https://github.com/aws/s2n-tls/releases/tag/v1.4.16 [4] https://aws.amazon.com/security/vulnerability-reporting
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.2.6"
},
"package": {
"ecosystem": "crates.io",
"name": "s2n-tls"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.2.7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": true,
"github_reviewed_at": "2024-06-06T14:26:18Z",
"nvd_published_at": null,
"severity": "LOW"
},
"details": "When receiving a message from a client that sent an invalid RSA premaster secret, an issue in s2n-tls results in the server performing additional processing when the premaster secret contains an incorrect client hello version. While no practical attack on s2n-tls has been demonstrated, this causes a small timing difference which could theoretically be used as described in the Marvin Attack [1].\n\nWe would like to thank Hubert Kario [2] for reporting this issue.\n\n\n### Impact\n\nThe extent of this issue is a timing difference. No practical attack on s2n-tls has been demonstrated.\n\nThis issue affects server applications that permit RSA key exchange. Applications that use the default, built-in blinding feature or properly implement self-service blinding are not affected.\n\nImpacted versions: \u003c= v1.4.15.\n\n\n### Patches\n\nThe patch is included in v1.4.16 [3].\n\n### Workarounds\n\nApplications can work around this issue by using an s2n-tls security policy that disallows RSA key exchange.\n\nIf you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [4] or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do not create a public GitHub issue.\n\n[1] https://people.redhat.com/~hkario/marvin/\n[2] https://github.com/tomato42\n[3] https://github.com/aws/s2n-tls/releases/tag/v1.4.16\n[4] https://aws.amazon.com/security/vulnerability-reporting",
"id": "GHSA-52xf-5p2m-9wrv",
"modified": "2024-06-06T14:26:18Z",
"published": "2024-06-06T14:26:18Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/aws/s2n-tls/security/advisories/GHSA-52xf-5p2m-9wrv"
},
{
"type": "WEB",
"url": "https://github.com/aws/s2n-tls/commit/114ccab0ff2cde491203ac841837d0d39b767412"
},
{
"type": "PACKAGE",
"url": "https://github.com/aws/s2n-tls"
},
{
"type": "WEB",
"url": "https://github.com/aws/s2n-tls/releases/tag/v1.4.16"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "s2n-tls has a potentially observable differences in RSA premaster secret handling"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.