Bug#559107: weaknesses in BSD PRNG algorithms

To: Petr Salinger <Petr.Salinger@seznam.cz>
Cc: Moritz Muehlenhoff <jmm@inutil.org>, 559107@bugs.debian.org, control@bugs.debian.org
Subject: Bug#559107: weaknesses in BSD PRNG algorithms
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 3 Dec 2009 22:42:59 +0100
Message-id: <20091203214259.GA4729@galadriel.inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 559107@bugs.debian.org
In-reply-to: <Pine.LNX.4.62.0912031328110.32543@sci.felk.cvut.cz>
References: <Pine.LNX.4.62.0912020917460.29205@sci.felk.cvut.cz> <20091201222629.4015.92086.reportbug@localhost.localdomain> <handler.559107.D559107.125974199823788.notifdone@bugs.debian.org> <20091202193737.GA732@inutil.org> <Pine.LNX.4.62.0912031328110.32543@sci.felk.cvut.cz>

severity 559107 normal
thanks

On Thu, Dec 03, 2009 at 02:01:06PM +0100, Petr Salinger wrote:
> severity 559107 important
> --
> 
> >But the status of CVE-2008-114[678] is still open. Do they affect the
> >KFreeBSD port? What's the position of the FreeBSD kernel developers on
> >these issues?
> 
> I used as description this
> 
> http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf
> 
> The GNU/kFreeBSD (kfreebsd-?) is not affected by CVE-2008-1146 and CVE-2008-1148 at all.

Thanks, fixed in the Debian Security Tracker.

> For CVE-2008-1147 holds:
> 
>   Exploitations of the predictability of the IP fragmentation ID were made
>   public almost a decade ago.
>   NetBSD, FreeBSD and DragonFlyBSD do not randomize IP fragmentation ID
>   field at all by default, and provide a kernel flag
>   (net.inet.ip.random_id) that enables randomization through the weak algorithm.
> 
> The weak algorithm have been replaced by upstream commit (Feb 6 2008)
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/ip_id.c?rev=1.10;contenttype=
> 
>   Replace the random IP ID generation code we
>   obtained from OpenBSD with an algorithm suggested
>   by Amit Klein.  The OpenBSD algorithm has a few
>   flaws; see Amit's paper for more information.
> 
>   For a description of how this algorithm works,
>   please see the comments within the code.
> 
>   Note that this commit does not yet enable random IP ID
>   generation by default.  There are still some concerns
>   that doing so will adversely affect performance.
> 
> This commit have not been MFC-ed to STABLE-7.
> The default value for net.inet.ip.random_id is 0 even in HEAD,
> 
> The FreeBSD developers/security_team did publish no "security
> advisory", no "errata notice", they did not include it in next
> release (7.1 - January 2009).

If I understand it correctly, this means that the fix is present in
kfreebsd-8, but not kfreebsd-7? Not having it enabled by default seems
good enough to me.

Will Squeeze use kfreebsd-7 or -8 or both?

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Processed: Re: Bug#559107: weaknesses in BSD PRNG algorithms
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#559107: weaknesses in BSD PRNG algorithms
  - From: Petr Salinger <Petr.Salinger@seznam.cz>

References:
- Bug#559107: Local root exploit in rtld
  - From: Moritz Muehlenhoff <jmm@debian.org>
- Bug#559107: closed by Petr Salinger <Petr.Salinger@seznam.cz> (Re: Bug#559107: Local root exploit in rtld)
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Bug#559107: weaknesses in BSD PRNG algorithms
  - From: Petr Salinger <Petr.Salinger@seznam.cz>

Prev by Date: Processed: Re: Bug#559107: weaknesses in BSD PRNG algorithms
Next by Date: Bug#559344: kldutils: bashism used in /etc/init.d/module-init-tools
Previous by thread: Processed: Re: Bug#559107: weaknesses in BSD PRNG algorithms
Next by thread: Processed: Re: Bug#559107: weaknesses in BSD PRNG algorithms
Index(es):
- Date
- Thread