[OSSA 2014-002] Possible timing attack against tempurl (CVE-2014-0006)
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
OpenStack Object Storage (swift) | | Undecided | Unassigned |
Grizzly | | Undecided | Unassigned |
Havana | | Undecided | Unassigned |
OpenStack Security Advisory | | Medium | Thierry Carrez |
Bug Description
Swift's TempURL middleware compares a user-submitted string (HMAC digest) against a list of valid strings to determine whether or not to allow access to an object. The string comparison uses Python's builtin string comparison, which short-circuits on the first differing character and so may let an attacker perform timing analysis.
The attached patch changes the string comparison to be constant-time.
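The following Python model is an added illustration for this page; it is neither Swift's middleware code nor the attached patch. It computes a TempURL signature the way the middleware documents it (HMAC-SHA1 over "METHOD\nexpires\npath", hex-encoded, one signature per account key), puts the short-circuiting `==` check beside a constant-time one, and runs an attacker loop that recovers the signature one hex digit at a time when the server's per-request work is observable. The function names, the key bytes and the object path are constructed for the example, and the "work" oracle (`chars_inspected`) stands in for a real timing measurement.

```python
import hashlib
import hmac

# Added example for this page: a minimal model of the TempURL signature check,
# not Swift's middleware code or the attached patch. Function names, keys and
# paths below are constructed for illustration.

HEX = "0123456789abcdef"
SIG_LEN = 40  # hex digits in a SHA-1 HMAC


def tempurl_sig(method, expires, path, key):
    """TempURL signature as documented: HMAC-SHA1 over
    "<METHOD>\\n<expires>\\n<path>", hex-encoded. One signature exists per
    account key, so the server ends up with a list of valid strings."""
    body = "%s\n%d\n%s" % (method, expires, path)
    return hmac.new(key, body.encode(), hashlib.sha1).hexdigest()


def chars_inspected(a, b):
    """Cost model of a short-circuiting ==: the number of character pairs
    looked at before the comparison returns. Equal strings cost a full pass;
    unequal ones stop at the first difference, so cost grows with the length
    of the correctly guessed prefix. Stands in for a timing measurement."""
    for i, (x, y) in enumerate(zip(a, b)):
        if x != y:
            return i + 1
    return min(len(a), len(b))


def const_time_work(a, b):
    """Cost model of the fixed comparison: every character pair is always
    visited, so the cost does not depend on the guess."""
    return min(len(a), len(b))


def vulnerable_check(sig, valid_sigs):
    """Pre-fix pattern: Python's builtin == short-circuits on the first
    differing character."""
    return any(sig == valid for valid in valid_sigs)


def streq_const_time(s1, s2):
    """Constant-time equality in the style of the fix: XOR each character
    pair and OR the results so the loop never exits early. Rejecting on a
    length mismatch is acceptable here because digest lengths are public."""
    if len(s1) != len(s2):
        return False
    result = 0
    for x, y in zip(s1, s2):
        result |= ord(x) ^ ord(y)
    return result == 0


def hardened_check(sig, valid_sigs):
    """Post-fix pattern: constant-time comparison against every candidate,
    with no early return between candidates. On Python 3.3+
    hmac.compare_digest(sig, valid) is the standard-library equivalent."""
    matched = False
    for valid in valid_sigs:
        if streq_const_time(sig, valid):
            matched = True
    return matched


def recover_sig(work_oracle, check, valid_sigs):
    """Attacker loop: fix one hex digit at a time, keeping the digit for which
    the server did the most work, then brute-force the last digit through the
    real check (a full match and a last-digit miss cost the same number of
    comparisons). Against the short-circuit cost model this needs at most
    16 * SIG_LEN requests; against the constant-time model every guess costs
    the same, the prefix never improves and the final brute force fails."""
    guess = ""
    for pos in range(SIG_LEN - 1):
        best_digit, best_work = HEX[0], -1
        for digit in HEX:
            candidate = guess + digit + "0" * (SIG_LEN - pos - 1)
            work = max(work_oracle(candidate, valid) for valid in valid_sigs)
            if work > best_work:
                best_digit, best_work = digit, work
        guess += best_digit
    for digit in HEX:
        if check(guess + digit, valid_sigs):
            return guess + digit
    return None
```

With `sig = tempurl_sig("GET", 1390000000, "/v1/AUTH_test/c/o", b"constructed-key")`, `recover_sig(chars_inspected, vulnerable_check, [sig])` returns `sig`, while `recover_sig(const_time_work, hardened_check, [sig])` returns `None`: the constant-time comparison removes the prefix signal the attacker depends on. The cost oracle here is deterministic; a real measurement over the network is noisy and needs many repeated requests per digit to average out jitter, which is why the object name and a set TempURL key are preconditions but not the only hurdles.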
CVE References
Samuel Merritt (torgomatic) wrote : | #1 |
John Dickinson (notmyname) wrote : | #2 |
Jeremy Stanley (fungi) wrote : | #3 |
For what version of swift was the TempURL middleware introduced (assuming this vulnerability was introduced along with it)?
Samuel Merritt (torgomatic) wrote : | #4 |
Looks like TempURL came in with Swift 1.4.6, which was released in Feb 2012.
Jeremy Stanley (fungi) wrote : | #5 |
Okay, so that means Essex from an integrated release perspective? In that case we're going to need stable/grizzly and stable/havana series tasks and backport patches.
Thierry Carrez (ttx) wrote : | #6 |
That means create a backport for 1.8.0 (stable/grizzly) and 1.10.0 (stable/havana)
Changed in ossa:
status: New → Confirmed
importance: Undecided → Medium
Samuel Merritt (torgomatic) wrote : | #7 |
Patch for 1.10
Samuel Merritt (torgomatic) wrote : | #8 |
Patch for 1.8.0
Changed in swift:
status: New → In Progress
Thierry Carrez (ttx) wrote : | #9 |
Proposed impact description:
-------
Title: Swift TempURL timing attack
Reporter: Samuel Merritt (SwiftStack)
Products: Swift
Affects: All supported versions
Description:
Samuel Merritt from SwiftStack reported a timing attack vulnerability in Swift TempURL middleware. By analyzing response times to arbitrary TempURL requests, an attacker may be able to guess valid secret URLs and get access to files that were only intended to be publicly shared with specific recipients. Only Swift setups enabling the TempURL middleware are affected.
-------
Changed in ossa:
status: Confirmed → Triaged
assignee: nobody → Thierry Carrez (ttx)
Jeremy Stanley (fungi) wrote : | #10 |
That impact description looks fine to me. Would it help at all (from a risk identification perspective) to point out that this exploit involves identifying objects at random, and so poses additional hurdles for any sort of targeted attack (needle in haystack situation)?
Samuel Merritt (torgomatic) wrote : | #11 |
I think that yes, it would be helpful to mention that an object name must already be known in order to use this attack.
Also, the object's account must have a TempURL key set (X-Account-
clayg (clay-gerrard) wrote : | #12 |
Patches all check out for me. I didn't attempt a timing attack but the changes seem reasonable. +2
Thierry Carrez (ttx) wrote : | #13 |
New version
-------
Title: Swift TempURL timing attack
Reporter: Samuel Merritt (SwiftStack)
Products: Swift
Affects: All supported versions
Description:
Samuel Merritt from SwiftStack reported a timing attack vulnerability in Swift TempURL middleware. By analyzing response times to arbitrary TempURL requests, an attacker may be able to guess valid secret URLs and get access to objects that were only intended to be publicly shared with specific recipients. In order to use this attack, the attacker needs to know the targeted object name, and the object account needs to have a TempURL key set. Only Swift setups enabling the TempURL middleware are affected.
-------
Jeremy Stanley (fungi) wrote : | #14 |
Thierry's updated impact description in comment #13 looks good.
Samuel Merritt (torgomatic) wrote : | #15 |
Text looks good to me.
Thierry Carrez (ttx) wrote : | #17 |
CVE-2014-0006
summary:
- Possible timing attack against tempurl
+ Possible timing attack against tempurl (CVE-2014-0006)
@John, Samuel: how about we set the coordinated disclosure date to Thursday, January 16th? That gives us a few days to merge it and make it part of Swift 1.12.0
John Dickinson (notmyname) wrote : | #19 |
Thierry's plan is good +1
Thierry Carrez (ttx) wrote : | #20 |
pre-OSSA sent
Proposed public disclosure date/time: Thursday, January 16, 1500UTC.
Changed in ossa:
status: In Progress → Fix Committed
Changed in swift:
milestone: none → 1.12.0
information type: Private Security → Public Security
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit 754633988931e40
Author: Samuel Merritt <email address hidden>
Date: Thu Jan 16 13:40:53 2014 +0100
Use constant time comparison in tempURL
Use constant time comparison when evaluating tempURL to avoid timing
attacks (CVE-2014-0006).
Fixes bug 1265665
Change-Id: I11e4ad83cc4077
Changed in swift:
status: In Progress → Fix Committed
summary:
- Possible timing attack against tempurl (CVE-2014-0006)
+ [OSSA 2014-002] Possible timing attack against tempurl (CVE-2014-0006)
Changed in swift:
status: Fix Committed → Fix Released
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: stable/havana
commit b2c61375b325548
Author: Samuel Merritt <email address hidden>
Date: Thu Jan 16 13:44:23 2014 +0100
Use constant time comparison in tempURL
Use constant time comparison when evaluating tempURL to avoid timing
attacks (CVE-2014-0006). This is the havana backport of the master
patch.
Fixes bug 1265665
Change-Id: I11e4ad83cc4077
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: stable/grizzly
commit c0eed792a22865b
Author: Samuel Merritt <email address hidden>
Date: Thu Jan 16 13:45:52 2014 +0100
Use constant time comparison in tempURL
Use constant time comparison when evaluating tempURL to avoid timing
attacks (CVE-2014-0006). This is the grizzly backport of the master
patch.
Fixes bug 1265665
Change-Id: I11e4ad83cc4077
Changed in ossa:
status: Fix Committed → Fix Released
Fix proposed to branch: feature/ec
Review: https:/
+2 looks good to me