The GnuTLS Hello flaw leaves vulnerable SSL clients

Pierluigi Paganini June 05, 2014

Experts at security firm Codenomicon discovered a critical buffer overflow vulnerability in the implementation of the GnuTLS software.

GnuTLS, a free software implementation of SSL/TLS/DTLS protocols, it offers a set of application programming interface (API) to enable secure communication over their network transport layer.
News of the day is that the widely used cryptographic library is vulnerable to a buffer overflow flaw that could be exploited by attackers to crash TLS clients or potentially execute malicious code.
The bug in GnuTLS, coded as CVE-2014-3466 was discovered by Joonas Kuorilehto of security firm Codenomicon, the same company who discovered Heartbleed vulnerability in the OpenSSL library.
“Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.” is the description provided by Mitre in the CVE-ID.
The researchers discovered that the GnuTLS Vulnerability affects the way GnuTLS manages the session ID from the server response during a TLS handshake, in particular the implementation doesn’t parse correctly the parameter allowing to send the session ID value in the ServerHello message of arbitrary length.
gnutls session-id parsing
A malicious server could send excessively long value to the target client system in order to exploit the buffer overflow vulnerability, the server could send a specifically crafted malicious payload to clients as they establish encrypted HTTPS connections. In the attack scenario the exploitation of the GnuTLS Remote Code Execution flaw is possible only for clients that are connecting to the malicious server.
The readers that are searching for detailed analysis of the GnuTLS vulnerabilities could give a look to the information published on the Radare blog.
The GnuTLS project has already issued updated version 3.1.25, 3.2.15 and 3.3.3 to fix the flaw, also Red Hat has issued a patch for this GnuTLS vulnerability, below the explanation provided on their website:
A flaw was found in the way GnuTLS parsed session ids from Server Hello packets of the TLS/SSL handshake,” “A malicious server could use this flaw to send an excessively long session id value and trigger a buffer overflow in a connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly, execute arbitrary code.” states Red Hat.

The flaw is in read_server_hello() / _gnutls_read_server_hello(), where session_id_len is checked to not exceed incoming packet size, but not checked to ensure it does not exceed maximum session id length.”

Update your system as soon as possible.

Pierluigi Paganini

(Security Affairs –  GnuTLS, encryption)

you might also like

leave a comment