Security Vulnerability: Raccoon Attack against TLS when using static DH keys aka CVE-2020-1968, CVE-2020-12413

This document (000019697) is provided subject to the disclaimer at the end of this document.

Environment

Researchers have published a new vulnerability in the TLS protocol.

When using static Diffie-Hellman (DH) keys, and reusing those keys over multiple TLS sessions, attackers can gain access to the content of TLS sessions with the same key.

Static DH keys are not common anymore and also DH key reuse is no longer done in current TLS implementations.
This is a server side vulnerability, not a client side vulnerability.

 

Situation

Only the OpenSSL and Mozilla NSS Libraries shipped by SUSE are affected, other TLS libraries shipped by SUSE are not affected.
 

OpenSSL:

For openssl the issue is tracked under CVE-2020-1968.
  • openssl 1.1.1 versions as shipped in SLES 15 SP2 and SLES 12 SP4 and SP5 are not affected as they do not contain the problematic cipher suites.
  • openssl 1.1.0 versions as shipped in SLES 15 GA and SLES 15 SP1 are not affected as they do not contain the problematic cipher suites.
  • openssl 1.0.2 versions shipped in SLES 12 SP2 and newer, and as legacy in SLES 15 are affected,  if a static DH cipher is in use by a TLS server.
  • openssl 0.9.8 versions are affected, if either static DH or ephemeral DH cipher (due to the secret reuse) is in use by a TLS server.
 

Mozilla NSS:

  • As this is a server side vulnerability, only users of apache2-mod_nss might be affected.
SUSE's apache2-mod_nss does not offer the static DH ciphers, so it is not affected.
Other third party server applications users of Mozilla NSS might be affected.
  • The Mozilla Firefox as TLS client has stopped using static DH keys in the last release.

Resolution

Resolution

SUSE will release adjustments to our affected openssl packages to make sure DH keys are only used once.
SUSE will release updates for Mozilla NSS according to Mozilla's guidance.
 

Workaround:

In openssl using TLS services you can check and make sure that DH ciphers are not in use.

Cause

Status

Security Alert

Additional Information

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000019697
  • Creation Date: 10-Sep-2020
  • Modified Date:10-Sep-2020
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback@suse.com

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center