Bug 1199756 - (CVE-2022-29217) VUL-0: CVE-2022-29217: python27-PyJWT,python-PyJWT: Key confusion through non-blocklisted public key formats
(CVE-2022-29217)
VUL-0: CVE-2022-29217: python27-PyJWT,python-PyJWT: Key confusion through non...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/332393/
CVSSv3.1:SUSE:CVE-2022-29217:7.5:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-05-20 09:37 UTC by Thomas Leroy
Modified: 2023-01-17 15:38 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Leroy 2022-05-20 09:37:19 UTC
rh#2088544

PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm.

The PyJWT library requires that the application chooses what algorithms are supported. The application can specify "jwt.algorithms.get_default_algorithms()" to get support for all algorithms. They can also specify a single one of them (which is the usual use case if calling jwt.decode directly. However, if calling jwt.decode in a helper function, all algorithms might be enabled.)

For example, if the user chooses "none" algorithm and the JWT checker supports that, there will be no signature checking. This is a common security issue with some JWT implementations.

PyJWT combats this by requiring that the if the "none" algorithm is used, the key has to be empty. As the key is given by the application running the checker, attacker cannot force "none" cipher to be used.

Similarly with HMAC (symmetric) algorithm, PyJWT checks that the key is not a public key meant for asymmetric algorithm i.e. HMAC cannot be used if the key begins with "ssh-rsa". If HMAC is used with a public key, the attacker can just use the publicly known public key to sign the token and the checker would use the same key to verify.

From PyJWT 2.0.0 onwards, PyJWT supports ed25519 asymmetric algorithm. With ed25519, PyJWT supports public keys that start with "ssh-", for example "ssh-ed25519".

Upstream commit:
https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc

Reference:
https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24
https://bugzilla.redhat.com/show_bug.cgi?id=2088544
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-29217
Comment 1 Thomas Leroy 2022-05-20 09:38:40 UTC
The following codestreams should be affected:
- SUSE:SLE-12-SP1:Update
- SUSE:SLE-12-SP3:Update:Products:Cloud8:Update
- SUSE:SLE-12-SP4:Update:Products:Cloud9:Update 
- SUSE:SLE-15:Update
- SUSE:SLE-15-SP1:Update
- SUSE:SLE-15-SP2:Update

SUSE:SLE-11-SP1:Update:Teradata/python27-PyJWT is not affected
Comment 2 Matej Cepl 2022-06-20 14:13:35 UTC
(In reply to Thomas Leroy from comment #1)
> The following codestreams should be affected:
> - SUSE:SLE-12-SP1:Update
> - SUSE:SLE-12-SP3:Update:Products:Cloud8:Update
> - SUSE:SLE-12-SP4:Update:Products:Cloud9:Update 
> - SUSE:SLE-15:Update
> - SUSE:SLE-15-SP1:Update
> - SUSE:SLE-15-SP2:Update
> 
> SUSE:SLE-11-SP1:Update:Teradata/python27-PyJWT is not affected

Are you certain about it, I have here as supported only these channels:

SLE-12-SP1:Update
SLE-15-SP1:Update
SLE-15-SP2:Update
Comment 4 Thomas Leroy 2022-06-21 09:31:22 UTC
(In reply to Matej Cepl from comment #2)
> Are you certain about it, I have here as supported only these channels:
> 
> SLE-12-SP1:Update
> SLE-15-SP1:Update
> SLE-15-SP2:Update

On smelt.suse.de/maintained/, SUSE:SLE-15:Update is indeed disabled, maybe because its only channel is EOL. So we don't need a submission for this codestream. However, SUSE:SLE-12-SP3:Update:Products:Cloud8:Update and SUSE:SLE-12-SP4:Update:Products:Cloud9:Update are enabled, but since this is for Cloud products, I don't know if it's maintainer's job to submit to those 2 codestreams...
Comment 5 Swamp Workflow Management 2022-07-14 18:51:41 UTC
SUSE-SU-2022:2403-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1199756
CVE References: CVE-2022-29217
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE Enterprise Storage 6 (src):    python-PyJWT-1.7.1-150100.6.7.1
SUSE CaaS Platform 4.0 (src):    python-PyJWT-1.7.1-150100.6.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 6 Swamp Workflow Management 2022-07-14 18:55:26 UTC
SUSE-SU-2022:2402-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1199756
CVE References: CVE-2022-29217
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    python-PyJWT-1.7.1-150200.3.3.1
openSUSE Leap 15.3 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Manager Server 4.1 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Manager Retail Branch Server 4.1 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Manager Proxy 4.1 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    python-PyJWT-1.7.1-150200.3.3.1
SUSE Enterprise Storage 7 (src):    python-PyJWT-1.7.1-150200.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 7 Swamp Workflow Management 2022-07-14 18:56:03 UTC
SUSE-SU-2022:2401-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1199756
CVE References: CVE-2022-29217
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 12 (src):    python-PyJWT-1.5.3-3.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Thomas Leroy 2022-08-11 07:21:47 UTC
Matej, could you please also submit to SUSE:SLE-12-SP3:Update:Products:Cloud8:Update and SUSE:SLE-12-SP4:Update:Products:Cloud9:Update ? :)
Comment 10 Matej Cepl 2022-08-18 10:20:50 UTC
(In reply to Thomas Leroy from comment #9)
> Matej, could you please also submit to
> SUSE:SLE-12-SP3:Update:Products:Cloud8:Update and
> SUSE:SLE-12-SP4:Update:Products:Cloud9:Update ? :)

For both of these I suggest WONTFIX (the patch requires python-cryptography >= 2.6 and porting the patch to older version of cryptography would be quite complicated).
Comment 15 Swamp Workflow Management 2022-10-06 19:18:52 UTC
SUSE-SU-2022:3545-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1199756
CVE References: CVE-2022-29217
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    python-PyJWT-1.5.3-150000.3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.