oss-sec mailing list archives
Re: KDE Paste Applet
From: Garth Mollett <gmollett () redhat com>
Date: Wed, 26 Jun 2013 16:58:15 +1000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/26/2013 03:06 PM, Kurt Seifried wrote:
On 06/25/2013 10:39 PM, Michael Samuel wrote:On 13 June 2013 10:02, Michael Samuel <mik () miknet net> wrote:Ok, so the fix for this uses KRandom::random()... I suggest leaving the KDE Paste fix as-is and replacing KRandom with something that just fills an integer from /dev/urandom - then we can save a few CVE numbers for the rest of the year. qrand() should probably also do the same, especially since cnonces for HTTP auth are using it - that means there's only 2^32 (at best) possible cnonces...Fedora and Ubuntu have both pushed out this patch. Requesting a new CVE for "KRandom::random() isn't a secure PRNG", since the KDE guys are convinced that it is.Regards, MichaelSo the thing is it can be completely random, just like a coin flip. But the search space might be to small (e.g. a 1 bit key based on a coin flip wouldn't be "secure"). I suspect 2^32 isn't enough any more either, assuming a 480 core GPU, if you can run 250 cracking attempts per second per core you can brute force a 2^32 search space in 10 hours or so. Needless to say GPUs are getting pretty cheap. So this appears to be a textbook example of CWE-334 "Small Space of Random Values". Please use CVE-2013-2213 for KDE KRandom::random() CWE-334: Small Space of Random Values.
If /dev/urandom can't be opened it looks even worse: 00041 // No /dev/urandom... try something else. 00042 srand(getpid()); 00043 seed = rand()+time(0); -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQEcBAEBAgAGBQJRypEHAAoJEPjpLwZKQ8Gp3boIAMy5abrxcwaSuPQYswPtrD2j Xhj8qYmvwoRQDN5TDaT6uzEMZOSsC7cCv7RarueCiQwX+TOMz/XaxiFE8n37khTk MgVuBDJc759QNfIIeyYedg7WrT0c3rbqbD/CHjKicJrnpDSTBqxz7um0CejtQzMP dC1gk2PHYbHzQR75xEYhHPZsY30tsIeY/cP6/x+nN3h7xcVOwKNSLEHEAFzpxH6i zgCSUj277b0LpmddMIaLvO+qXDEAZ+RT6JN14uqfSYFbQ1F+oM4x4x/k5IOCoHNQ aAGLSfpxQ+MiborqQKCpGvoMsP9Hdw1s6pnPeDFoLD8tIjxr4Pcem0r5ebiT+zQ= =Vgdc -----END PGP SIGNATURE-----
Current thread:
- KDE Paste Applet Michael Samuel (May 28)
- Re: KDE Paste Applet Kurt Seifried (May 29)
- Re: KDE Paste Applet Michael Samuel (May 30)
- Re: KDE Paste Applet Jeff Mitchell (May 31)
- Re: KDE Paste Applet Michael Samuel (Jun 12)
- Re: KDE Paste Applet Michael Samuel (Jun 25)
- Re: KDE Paste Applet Kurt Seifried (Jun 25)
- Re: KDE Paste Applet Garth Mollett (Jun 26)
- Re: KDE Paste Applet Michael Samuel (May 30)
- Re: KDE Paste Applet Kurt Seifried (May 29)