An update for freeradius is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2021-1031
Final
1.0
1.0
2021-02-05
Initial
2021-02-05
2021-02-05
openEuler SA Tool V1.0
2021-02-05
freeradius security update
An update for freeradius is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1.
Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA or Triple A) management for users who connect and use a network service.\r\n\r\n
Security Fix(es):\r\n\r\n
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.(CVE-2019-13456)\r\n\r\n
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.(CVE-2019-17185)\r\n\r\n
An update for freeradius is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1.\r\n\r\n
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
High
freeradius
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1031
https://openeuler.org/en/security/cve/detail.html?id=CVE-2019-13456
https://openeuler.org/en/security/cve/detail.html?id=CVE-2019-17185
https://nvd.nist.gov/vuln/detail/CVE-2019-13456
https://nvd.nist.gov/vuln/detail/CVE-2019-17185
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
freeradius-3.0.15-21.oe1.aarch64.rpm
freeradius-debuginfo-3.0.15-21.oe1.aarch64.rpm
freeradius-debugsource-3.0.15-21.oe1.aarch64.rpm
freeradius-devel-3.0.15-21.oe1.aarch64.rpm
freeradius-help-3.0.15-21.oe1.aarch64.rpm
freeradius-krb5-3.0.15-21.oe1.aarch64.rpm
freeradius-ldap-3.0.15-21.oe1.aarch64.rpm
freeradius-mysql-3.0.15-21.oe1.aarch64.rpm
freeradius-perl-3.0.15-21.oe1.aarch64.rpm
freeradius-postgresql-3.0.15-21.oe1.aarch64.rpm
freeradius-sqlite-3.0.15-21.oe1.aarch64.rpm
freeradius-utils-3.0.15-21.oe1.aarch64.rpm
python2-freeradius-3.0.15-21.oe1.aarch64.rpm
freeradius-3.0.15-22.oe1.aarch64.rpm
freeradius-debuginfo-3.0.15-22.oe1.aarch64.rpm
freeradius-debugsource-3.0.15-22.oe1.aarch64.rpm
freeradius-devel-3.0.15-22.oe1.aarch64.rpm
freeradius-help-3.0.15-22.oe1.aarch64.rpm
freeradius-krb5-3.0.15-22.oe1.aarch64.rpm
freeradius-ldap-3.0.15-22.oe1.aarch64.rpm
freeradius-mysql-3.0.15-22.oe1.aarch64.rpm
freeradius-perl-3.0.15-22.oe1.aarch64.rpm
freeradius-postgresql-3.0.15-22.oe1.aarch64.rpm
freeradius-sqlite-3.0.15-22.oe1.aarch64.rpm
freeradius-utils-3.0.15-22.oe1.aarch64.rpm
freeradius-3.0.15-21.oe1.src.rpm
freeradius-3.0.15-22.oe1.src.rpm
freeradius-3.0.15-21.oe1.x86_64.rpm
freeradius-debuginfo-3.0.15-21.oe1.x86_64.rpm
freeradius-debugsource-3.0.15-21.oe1.x86_64.rpm
freeradius-devel-3.0.15-21.oe1.x86_64.rpm
freeradius-help-3.0.15-21.oe1.x86_64.rpm
freeradius-krb5-3.0.15-21.oe1.x86_64.rpm
freeradius-ldap-3.0.15-21.oe1.x86_64.rpm
freeradius-mysql-3.0.15-21.oe1.x86_64.rpm
freeradius-perl-3.0.15-21.oe1.x86_64.rpm
freeradius-postgresql-3.0.15-21.oe1.x86_64.rpm
freeradius-sqlite-3.0.15-21.oe1.x86_64.rpm
freeradius-utils-3.0.15-21.oe1.x86_64.rpm
python2-freeradius-3.0.15-21.oe1.x86_64.rpm
freeradius-3.0.15-22.oe1.x86_64.rpm
freeradius-debuginfo-3.0.15-22.oe1.x86_64.rpm
freeradius-debugsource-3.0.15-22.oe1.x86_64.rpm
freeradius-devel-3.0.15-22.oe1.x86_64.rpm
freeradius-help-3.0.15-22.oe1.x86_64.rpm
freeradius-krb5-3.0.15-22.oe1.x86_64.rpm
freeradius-ldap-3.0.15-22.oe1.x86_64.rpm
freeradius-mysql-3.0.15-22.oe1.x86_64.rpm
freeradius-perl-3.0.15-22.oe1.x86_64.rpm
freeradius-postgresql-3.0.15-22.oe1.x86_64.rpm
freeradius-sqlite-3.0.15-22.oe1.x86_64.rpm
freeradius-utils-3.0.15-22.oe1.x86_64.rpm
In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.
2021-02-05
CVE-2019-13456
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
Medium
6.5
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
freeradius security update
2021-02-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1031
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.
2021-02-05
CVE-2019-17185
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
freeradius security update
2021-02-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1031