Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-35875

Опубликовано: 19 мая 2024
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted and may actively work against guests to extract secrets or manipulate computation. Since a malicious host can modify or observe nearly all inputs to guests, the only remaining source of entropy for CoCo guests is RDRAND. If RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole is meant to gracefully continue on gathering entropy from other sources, but since there aren't other sources on CoCo, this is catastrophic. This is mostly a concern at boot time when initially seeding the RNG, as after that the consequences of a broken RDRAND are much more theoretical. So, try at boot to seed the RNG using 256 bits of RDRAND output. If this fails, panic(). This will also trigger if the system is booted without RDRAND, as RDRAND is essential for a safe CoCo boot. Add this deliberately to be "just a CoCo x86 driver feature" and not part of the RNG itself. Many device drivers and platforms have some desire to contribute something to the RNG, and add_device_randomness() is specifically meant for this purpose. Any driver can call it with seed data of any quality, or even garbage quality, and it can only possibly make the quality of the RNG better or have no effect, but can never make it worse. Rather than trying to build something into the core of the RNG, consider the particular CoCo issue just a CoCo issue, and therefore separate it all out into driver (well, arch/platform) code. [ bp: Massage commit message. ]

CVE-2024-35875 addresses a security concern in the Linux kernel's handling of confidential computing (CoCo) environments. In these setups, the virtual machine (VM) host is untrusted and may attempt to compromise guest VMs. A critical component for maintaining security in such environments is a reliable random number generator (RNG), which depends on the CPU's RDRAND instruction to generate entropy. The vulnerability arises when the RDRAND instruction fails—due to hardware faults or other issues—leaving the RNG without sufficient entropy sources. This deficiency is particularly problematic during the system's initial boot phase, potentially compromising cryptographic operations and overall system security. In CoCo environments, the untrusted VM host can manipulate or observe most inputs to guest VMs. The primary entropy source for these guests is the CPU's RDRAND instruction. If RDRAND fails, the RNG lacks alternative entropy sources, leading to potential security vulnerabilities. A malfunctioning RDRAND during boot can result in insufficient entropy for cryptographic functions, undermining the security of the CoCo environment.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelUnder investigation
Red Hat Enterprise Linux 8kernel-rtUnder investigation
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:656711.09.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:656711.09.2024
Red Hat Enterprise Linux 9.2 Extended Update SupportkernelFixedRHSA-2024:626704.09.2024
Red Hat Enterprise Linux 9.2 Extended Update Supportkernel-rtFixedRHSA-2024:626804.09.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2281727kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems

EPSS

Процентиль: 34%
0.00131
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-35875

ubuntu
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted and may actively work against guests to extract secrets or manipulate computation. Since a malicious host can modify or observe nearly all inputs to guests, the only remaining source of entropy for CoCo guests is RDRAND. If RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole is meant to gracefully continue on gathering entropy from other sources, but since there aren't other sources on CoCo, this is catastrophic. This is mostly a concern at boot time when initially seeding the RNG, as after that the consequences of a broken RDRAND are much more theoretical. So, try at boot to seed the RNG using 256 bits of RDRAND output. If this fails, panic(). This will also trigger if the sy...

nvd логотип

CVE-2024-35875

nvd
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted and may actively work against guests to extract secrets or manipulate computation. Since a malicious host can modify or observe nearly all inputs to guests, the only remaining source of entropy for CoCo guests is RDRAND. If RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole is meant to gracefully continue on gathering entropy from other sources, but since there aren't other sources on CoCo, this is catastrophic. This is mostly a concern at boot time when initially seeding the RNG, as after that the consequences of a broken RDRAND are much more theoretical. So, try at boot to seed the RNG using 256 bits of RDRAND output. If this fails, panic(). This will also trigger if the s

debian логотип

CVE-2024-35875

debian
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x ...

github логотип

GHSA-43j5-9vgx-7g7j

github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: x86/coco: Require seeding RNG with RDRAND on CoCo systems There are few uses of CoCo that don't rely on working cryptography and hence a working RNG. Unfortunately, the CoCo threat model means that the VM host cannot be trusted and may actively work against guests to extract secrets or manipulate computation. Since a malicious host can modify or observe nearly all inputs to guests, the only remaining source of entropy for CoCo guests is RDRAND. If RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole is meant to gracefully continue on gathering entropy from other sources, but since there aren't other sources on CoCo, this is catastrophic. This is mostly a concern at boot time when initially seeding the RNG, as after that the consequences of a broken RDRAND are much more theoretical. So, try at boot to seed the RNG using 256 bits of RDRAND output. If this fails, panic(). This will also trigger if th...

rocky логотип

RLSA-2024:6567

rocky
9 месяцев назад

Moderate: kernel security update

EPSS

Процентиль: 34%
0.00131
Низкий

5.5 Medium

CVSS3