Bug 1041445 - (CVE-2017-9148) VUL-0: CVE-2017-9148: freeradius-server: TLS resumption authentication bypass
(CVE-2017-9148)
VUL-0: CVE-2017-9148: freeradius-server: TLS resumption authentication bypass
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/186005/
CVSSv3:RedHat:CVE-2017-9148:7.4:(AV:N...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-05-29 12:56 UTC by Adam Majer
Modified: 2017-10-26 07:33 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
upstream patch from git (3.96 KB, patch)
2017-05-29 12:56 UTC, Adam Majer
Details | Diff
upstream patch from git (1.44 KB, patch)
2017-06-08 09:21 UTC, Adam Majer
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Adam Majer 2017-05-29 12:56:15 UTC
Created attachment 726814 [details]
upstream patch from git

Description:

TLS client certificate expiration not enforced on session resumption



https://nvd.nist.gov/vuln/detail/CVE-2017-9148
Comment 2 Marcus Meissner 2017-05-30 14:04:55 UTC
ignore last coment
Comment 6 Adam Majer 2017-06-08 09:21:05 UTC
Created attachment 728232 [details]
upstream patch from git
Comment 7 Bernhard Wiedemann 2017-06-08 12:00:43 UTC
This is an autogenerated message for OBS integration:
This bug (1041445) was mentioned in
https://build.opensuse.org/request/show/501884 42.2 / freeradius-server
Comment 12 Swamp Workflow Management 2017-06-19 19:09:28 UTC
openSUSE-SU-2017:1609-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1041445
CVE References: CVE-2017-9148
Sources used:
openSUSE Leap 42.2 (src):    freeradius-server-3.0.12-2.3.1
Comment 13 Petr Cervinka 2017-06-27 12:12:42 UTC
Note for QA reproduction:
You need to run radiusd in production mode, not in debugging mode "radiusd -X".

If you run radiusd in debugging mode, it will crash because of another existing bug bsc#1042145.
Comment 14 Swamp Workflow Management 2017-06-27 19:09:46 UTC
SUSE-SU-2017:1705-1: An update that solves one vulnerability and has one errata is now available.

Category: security (moderate)
Bug References: 1027243,1041445
CVE References: CVE-2017-9148
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    freeradius-server-3.0.3-17.4.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    freeradius-server-3.0.3-17.4.1
SUSE Linux Enterprise Server 12-SP2 (src):    freeradius-server-3.0.3-17.4.1
Comment 15 Swamp Workflow Management 2017-07-04 19:21:57 UTC
SUSE-SU-2017:1777-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1041445,912873,935573
CVE References: CVE-2015-4680,CVE-2017-9148
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    freeradius-server-2.1.1-7.24.1
SUSE Linux Enterprise Server 11-SP4 (src):    freeradius-server-2.1.1-7.24.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    freeradius-server-2.1.1-7.24.1
Comment 16 Marcus Meissner 2017-10-26 07:33:13 UTC
released