An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

Thanks for the report!

Thanks for acknowledging.  We look forward to any updates/developments on the issue reported.

For further information about the Cisco Vendor Vulnerability Reporting and Disclosure Policy please refer to this document which also links to our public PGP key. https://tools.cisco.com/security/center/resources/vendor_vulnerability_policy.html

Kind Regards,

Regina Wilson
Analyst.Business Operations
regiwils@cisco.com<mailto:regiwils@cisco.com>

[cid:CFA14CB5-B7B2-4FF7-8313-22D495F607D5@vrt.sourcefire.com]

On Jan 15, 2019, at 11:30 AM, Christian Heimes <report@bugs.python.org<mailto:report@bugs.python.org>> wrote:

Christian Heimes <lists@cheimes.de<mailto:lists@cheimes.de>> added the comment:

Thanks for the report!

----------
assignee:  -> christian.heimes
components: +SSL
nosy: +christian.heimes
stage:  -> needs patch
versions: +Python 3.4, Python 3.5, Python 3.6, Python 3.7, Python 3.8

_______________________________________
Python tracker <report@bugs.python.org<mailto:report@bugs.python.org>>
<https://bugs.python.org/issue35746>
_______________________________________

I can confirm that CPython is affected.

By the way PyCA cryptography handles the CRL DB just fine.

>>> from cryptography import x509
>>> from cryptography.hazmat.backends import default_backend
>>> with open("Lib/test/talos-2019-0758.pem", "rb") as f:
...     pem_data = f.read()
... 
>>> cert = x509.load_pem_x509_certificate(pem_data, default_backend())
>>> cert.extensions[-1]
<Extension(oid=<ObjectIdentifier(oid=2.5.29.31, name=cRLDistributionPoints)>, critical=False, value=<CRLDistributionPoints([<DistributionPoint(full_name=None, relative_name=None, reasons=None, crl_issuer=None)>])>)>

The files are removed and will be reissued to PSIRT.

Regina Wilson
Analyst.Business Operations
regiwils@cisco.com<mailto:regiwils@cisco.com>

[cid:CFA14CB5-B7B2-4FF7-8313-22D495F607D5@vrt.sourcefire.com]

On Jan 15, 2019, at 12:11 PM, Cisco Talos <report@bugs.python.org<mailto:report@bugs.python.org>> wrote:

Change by Cisco Talos <vulndev@cisco.com<mailto:vulndev@cisco.com>>:

Removed file: https://bugs.python.org/file48052/TALOS-2019-0758.txt

_______________________________________
Python tracker <report@bugs.python.org<mailto:report@bugs.python.org>>
<https://bugs.python.org/issue35746>
_______________________________________

I close the bug just to hide it from the home page and default search result, to have more time to fix it (make the issue less visible).

Please leave the bug open and don't remove files. It's too late. The bug report has been sent to mailing lists and RSS feeds already.

Also you cannot remove any files from the bug tracker. Only admins are can do that.

I can confirm this crashes a freshly-built interpreter from the current 3.5 and 3.4 branches.

New changeset a37f52436f9aa4b9292878b72f3ff1480e2606c3 by Miss Islington (bot) (Christian Heimes) in branch 'master':
bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
https://github.com/python/cpython/commit/a37f52436f9aa4b9292878b72f3ff1480e2606c3

New changeset be5de958e9052e322b0087c6dba81cdad0c3e031 by Miss Islington (bot) in branch '3.7':
bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
https://github.com/python/cpython/commit/be5de958e9052e322b0087c6dba81cdad0c3e031

TALOS-2019-0758.txt: "Credit: Discovered by Colin Read and Nicolas Edet of Cisco."

Can we credit them somewhere? Maybe edit the NEWS entry to mention their name?

New changeset 06b15424b0dcacb1c551b2a36e739fffa8d0c595 by Miss Islington (bot) in branch '2.7':
bpo-35746: Fix segfault in ssl's cert parser (GH-11569)
https://github.com/python/cpython/commit/06b15424b0dcacb1c551b2a36e739fffa8d0c595

New changeset 216a4d83c3b72f4fdcd81b588dc3f42cc461739a by Ned Deily (Miss Islington (bot)) in branch '3.6':
bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (GH-11573)
https://github.com/python/cpython/commit/216a4d83c3b72f4fdcd81b588dc3f42cc461739a

The bug is less critical and harder to exploit than I initially thought. td;dr if you have cert validation enabled and only trust public root CAs from CA/B forum, then you are not affected.

The bug is only exploitable under two conditions:
1) The user has disabled TLS/SSL certificate validation *and* calls getpeercert() in 3rd party code.
2) Or the user trusts a CA that does not properly validate end-entity certificates.

When cert validation is enabled, the ssl module will refuse any untrusted certificate during the handshake. The SSLSocket.getpeercert() and SSLObject.getpeercert() methods raise an exception, when the handshake was not successful. Python 2.7 - 3.6 hostname verification code only calls getpeercert() after the cert chain was validated successfully. Python 3.7+ no longer calls getpeercert() for hostname verification. Further more hostname verification can't be enabled when cert validation is disabled.

For publicly trusted CAs governed by CA/B baseline requirements, CRL DPs must by valid URI general names with HTTP links. From CA/Browser Forum Baseline Requirements Version 1.6.2, December 10, 2018, section 7.1.2.3. Subscriber Certificate:

b. cRLDistributionPoints
This extension MAY be present. If present, it MUST NOT be marked critical, and it MUST contain the HTTP URL of the CA’s CRL service.

Does someone work on backporting the fix to 3.4 and 3.5 branches?

Note: I added the vulnerability to:
https://python-security.readthedocs.io/vuln/ssl-crl-dps-dos.html

New changeset 355f16fd4beb36d6a18f7d0982581c93de015c17 by Victor Stinner in branch 'master':
bpo-35746: Credit Colin Read and Nicolas Edet (GH-11863)
https://github.com/python/cpython/commit/355f16fd4beb36d6a18f7d0982581c93de015c17

New changeset 826a8b708165796151ad4135b0ddbd79da6d39f1 by Victor Stinner in branch '2.7':
bpo-35746: Credit Colin Read and Nicolas Edet (GH-11866)
https://github.com/python/cpython/commit/826a8b708165796151ad4135b0ddbd79da6d39f1

New changeset fe42122d41834746e841b5927154be041fb7afbb by Victor Stinner in branch '3.7':
bpo-35746: Credit Colin Read and Nicolas Edet (GH-11864)
https://github.com/python/cpython/commit/fe42122d41834746e841b5927154be041fb7afbb

New changeset 2a3af94b7e4d7851986043348128e312ddbb2451 by Ned Deily (Victor Stinner) in branch '3.6':
bpo-35746: Credit Colin Read and Nicolas Edet (GH-11865)
https://github.com/python/cpython/commit/2a3af94b7e4d7851986043348128e312ddbb2451

New changeset 6c655ce34ae54adb8eef22b73108e22cc381cb8d by larryhastings (Victor Stinner) in branch '3.4':
bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (#11868)
https://github.com/python/cpython/commit/6c655ce34ae54adb8eef22b73108e22cc381cb8d

New changeset efec7631edf3b9480dc3988c97ffef94df8800da by larryhastings (Victor Stinner) in branch '3.5':
bpo-35746: Fix segfault in ssl's cert parser (GH-11569) (#11867)
https://github.com/python/cpython/commit/efec7631edf3b9480dc3988c97ffef94df8800da

Can we close this now?

Yes, I close the issue.