CVE-2018-1000808

08.10.2018, 15:29

Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends upon calling application, however it could be as simple as initiating a TLS connection. Anything that would cause the calling application to reload certificates from a PKCS #12 store.. This vulnerability appears to have been fixed in 17.5.0.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 36%

Affected Products (NVD)

Vendor	Product	Version
pyopenssl_project	pyopenssl	𝑥 < 17.5.0
canonical	ubuntu_linux	16.04
redhat	gluster_storage	3.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_workstation	7.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

pyopenssl

bookworm	23.0.0-1 fixed
bullseye	20.0.1-1 fixed
jessie	no-dsa
sid	24.2.1-1 fixed
stretch	no-dsa
trixie	24.2.1-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

pyopenssl

bionic	not-affected
cosmic	not-affected
trusty	not-affected
xenial	Fixed 0.15.1-2ubuntu0.2 released

openSUSE / SLES Releases

openSUSE Product

Release

aws-cli-py36

suse enterprise server 12 SP3

1.19.9-6.3.15

fixed

libpython3_6m1_0

suse enterprise server 12 SP3

3.6.15-6.61.5

fixed

python-cryptography

suse enterprise sap 12 SP3	1.3.1-7.13.4 fixed
suse enterprise sap 12 SP4	1.3.1-7.13.4 fixed
suse enterprise sap 12 SP5	1.3.1-7.13.4 fixed
suse enterprise server 12 SP2	1.3.1-7.13.4 fixed
suse enterprise server 12 SP3	1.3.1-7.13.4 fixed
suse enterprise server 12 SP4	1.3.1-7.13.4 fixed
suse enterprise server 12 SP5	1.3.1-7.13.4 fixed

python-pyOpenSSL

suse enterprise sap 12 SP3	16.0.0-4.11.3 fixed
suse enterprise sap 12 SP4	16.0.0-4.11.3 fixed
suse enterprise sap 12 SP5	17.1.0-4.26.1 fixed
suse enterprise server 12 SP2	16.0.0-4.11.3 fixed
suse enterprise server 12 SP3	17.1.0-4.26.1 fixed
suse enterprise server 12 SP4	16.0.0-4.11.3 fixed
suse enterprise server 12 SP5	17.1.0-4.26.1 fixed

python-setuptools

suse enterprise sap 12	18.0.1-4.8.1 fixed
suse enterprise sap 12 SP3	18.0.1-4.8.1 fixed
suse enterprise sap 12 SP4	18.0.1-4.8.1 fixed
suse enterprise sap 12 SP5	18.0.1-4.8.1 fixed
suse enterprise server 12	18.0.1-4.8.1 fixed
suse enterprise server 12 SP1	18.0.1-4.8.1 fixed
suse enterprise server 12 SP2	18.0.1-4.8.1 fixed
suse enterprise server 12 SP3	18.0.1-4.8.1 fixed
suse enterprise server 12 SP4	18.0.1-4.8.1 fixed
suse enterprise server 12 SP5	18.0.1-4.8.1 fixed

python3-cryptography

suse enterprise sap 12 SP3	1.3.1-7.13.4 fixed
suse enterprise sap 12 SP4	1.3.1-7.13.4 fixed
suse enterprise sap 12 SP5	1.3.1-7.13.4 fixed
suse enterprise server 12 SP2	1.3.1-7.13.4 fixed
suse enterprise server 12 SP3	1.3.1-7.13.4 fixed
suse enterprise server 12 SP4	1.3.1-7.13.4 fixed
suse enterprise server 12 SP5	1.3.1-7.13.4 fixed

python3-pyOpenSSL

suse enterprise sap 12 SP3	16.0.0-4.11.3 fixed
suse enterprise sap 12 SP4	16.0.0-4.11.3 fixed
suse enterprise sap 12 SP5	17.1.0-4.26.1 fixed
suse enterprise server 12 SP2	16.0.0-4.11.3 fixed
suse enterprise server 12 SP3	17.1.0-4.26.1 fixed
suse enterprise server 12 SP4	16.0.0-4.11.3 fixed
suse enterprise server 12 SP5	17.1.0-4.26.1 fixed

python3-setuptools

suse enterprise sap 12	18.0.1-4.8.1 fixed
suse enterprise sap 12 SP3	18.0.1-4.8.1 fixed
suse enterprise sap 12 SP4	18.0.1-4.8.1 fixed
suse enterprise sap 12 SP5	18.0.1-4.8.1 fixed
suse enterprise server 12	18.0.1-4.8.1 fixed
suse enterprise server 12 SP1	18.0.1-4.8.1 fixed
suse enterprise server 12 SP2	18.0.1-4.8.1 fixed
suse enterprise server 12 SP3	18.0.1-4.8.1 fixed
suse enterprise server 12 SP4	18.0.1-4.8.1 fixed
suse enterprise server 12 SP5	18.0.1-4.8.1 fixed

python36

suse enterprise server 12 SP3

3.6.15-6.61.6

fixed

python36-PyYAML

suse enterprise server 12 SP3

5.3.1-6.5.12

fixed

python36-appdirs

suse enterprise server 12 SP3

1.4.3-6.3.8

fixed

python36-asn1crypto

suse enterprise server 12 SP3

0.24.0-6.3.16

fixed

python36-base

suse enterprise server 12 SP3

3.6.15-6.61.5

fixed

python36-boto3

suse enterprise server 12 SP3

1.17.9-6.3.11

fixed

python36-botocore

suse enterprise server 12 SP3

1.20.9-6.3.11

fixed

python36-certifi

suse enterprise server 12 SP3

2018.1.18-6.3.15

fixed

python36-cffi

suse enterprise server 12 SP3

1.11.5-6.3.18

fixed

python36-chardet

suse enterprise server 12 SP3

3.0.4-6.3.15

fixed

python36-colorama

suse enterprise server 12 SP3

0.4.4-6.3.15

fixed

python36-cryptography

suse enterprise server 12 SP3

2.8-6.3.17

fixed

python36-curses

suse enterprise server 12 SP3

3.6.15-6.61.6

fixed

python36-dbm

suse enterprise server 12 SP3

3.6.15-6.61.6

fixed

python36-devel

suse enterprise server 12 SP3

3.6.15-6.61.5

fixed

python36-docutils

suse enterprise server 12 SP3

0.14-6.3.8

fixed

python36-idle

suse enterprise server 12 SP3

3.6.15-6.61.6

fixed

python36-idna

suse enterprise server 12 SP3

2.6-6.5.15

fixed

python36-jmespath

suse enterprise server 12 SP3

0.9.3-6.3.14

fixed

python36-packaging

suse enterprise server 12 SP3

17.1-6.6.8

fixed

python36-ply

suse enterprise server 12 SP3

3.10-6.3.8

fixed

python36-ply-doc

suse enterprise server 12 SP3

3.10-6.3.8

fixed

python36-py

suse enterprise server 12 SP3

1.8.1-6.3.15

fixed

python36-pyOpenSSL

suse enterprise server 12 SP3

17.1.0-6.3.16

fixed

python36-pyasn1

suse enterprise server 12 SP3

0.1.9-6.3.18

fixed

python36-pycparser

suse enterprise server 12 SP3

2.10-6.3.9

fixed

python36-pyparsing

suse enterprise server 12 SP3

2.4.7-6.3.9

fixed

python36-pyparsing-doc

suse enterprise server 12 SP3

2.4.7-6.3.9

fixed

python36-python-dateutil

suse enterprise server 12 SP3

2.7.3-6.3.13

fixed

python36-requests

suse enterprise server 12 SP3

2.24.0-6.3.15

fixed

python36-rsa

suse enterprise server 12 SP3

3.4.2-6.3.15

fixed

python36-s3transfer

suse enterprise server 12 SP3

0.3.3-6.3.11

fixed

python36-setuptools

suse enterprise server 12 SP3

44.1.1-9.11.1

fixed

python36-setuptools-test

suse enterprise server 12 SP3

44.1.1-6.7.4

fixed

python36-setuptools-wheel

suse enterprise server 12 SP3

44.1.1-6.7.3

fixed

python36-simplejson

suse enterprise server 12 SP3

3.8.2-6.3.16

fixed

python36-six

suse enterprise server 12 SP3

1.14.0-6.7.3

fixed

python36-six-doc

suse enterprise server 12 SP3

1.14.0-6.7.6

fixed

python36-testsuite

suse enterprise server 12 SP3

3.6.15-6.61.5

fixed

python36-tk

suse enterprise server 12 SP3

3.6.15-6.61.6

fixed

python36-tools

suse enterprise server 12 SP3

3.6.15-6.61.5

fixed

python36-urllib3

suse enterprise server 12 SP3

1.25.10-6.3.13

fixed

Common Weakness Enumeration

CWE-404 - Improper Resource Shutdown or Release
The program does not release or incorrectly releases a resource before it is made available for re-use.

References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html

https://access.redhat.com/errata/RHSA-2019:0085

https://github.com/pyca/pyopenssl/pull/723

https://usn.ubuntu.com/3813-1/

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html

https://access.redhat.com/errata/RHSA-2019:0085

https://github.com/pyca/pyopenssl/pull/723

https://usn.ubuntu.com/3813-1/