[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] KDE Paste Applet
From:       Garth Mollett <gmollett () redhat ! com>
Date:       2013-06-26 6:58:15
Message-ID: 51CA9107.6060402 () redhat ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/26/2013 03:06 PM, Kurt Seifried wrote:
> On 06/25/2013 10:39 PM, Michael Samuel wrote:
>> On 13 June 2013 10:02, Michael Samuel <mik@miknet.net> wrote:
> 
>>> Ok, so the fix for this uses KRandom::random()...
>>> 
>>> I suggest leaving the KDE Paste fix as-is and replacing
>>> KRandom with something that just fills an integer from
>>> /dev/urandom - then we can save a few CVE numbers for the rest
>>> of the year.
>>> 
>>> qrand() should probably also do the same, especially since 
>>> cnonces for HTTP auth are using it - that means there's only
>>> 2^32 (at best) possible cnonces...
>>> 
>>>> 
>>>> 
>> Fedora and Ubuntu have both pushed out this patch.  Requesting a 
>> new CVE for "KRandom::random() isn't a secure PRNG", since the
>> KDE guys are convinced that it is.
> 
>> Regards, Michael
> 
> So the thing is it can be completely random, just like a coin
> flip. But the search space might be to small (e.g. a 1 bit key
> based on a coin flip wouldn't be "secure"). I suspect 2^32 isn't
> enough any more either, assuming a 480 core GPU, if you can run 250
> cracking attempts per second per core you can brute force a 2^32
> search space in 10 hours or so. Needless to say GPUs are getting
> pretty cheap. So this appears to be a textbook example of CWE-334
> "Small Space of Random Values".
> 
> Please use CVE-2013-2213 for KDE KRandom::random() CWE-334: Small 
> Space of Random Values.
> 
> 

If /dev/urandom can't be opened it looks even worse:

00041             // No /dev/urandom... try something else.
00042             srand(getpid());
00043             seed = rand()+time(0);

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQEcBAEBAgAGBQJRypEHAAoJEPjpLwZKQ8Gp3boIAMy5abrxcwaSuPQYswPtrD2j
Xhj8qYmvwoRQDN5TDaT6uzEMZOSsC7cCv7RarueCiQwX+TOMz/XaxiFE8n37khTk
MgVuBDJc759QNfIIeyYedg7WrT0c3rbqbD/CHjKicJrnpDSTBqxz7um0CejtQzMP
dC1gk2PHYbHzQR75xEYhHPZsY30tsIeY/cP6/x+nN3h7xcVOwKNSLEHEAFzpxH6i
zgCSUj277b0LpmddMIaLvO+qXDEAZ+RT6JN14uqfSYFbQ1F+oM4x4x/k5IOCoHNQ
aAGLSfpxQ+MiborqQKCpGvoMsP9Hdw1s6pnPeDFoLD8tIjxr4Pcem0r5ebiT+zQ=
=Vgdc
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]