A serious flaw in a widely-used cryptography library has seen users of several popular Linux distributions scrambling to fix the problem.
Since September 2006, cryptography keys generated by the OpenSSL library in the Debian Linux distribution - and others derived from it, such as Ubuntu - have been compromised.
A Debian maintainer mistakenly removed some code from the random number generator, making the generated keys predictable and subject to brute-force guessing.
The flaw means that keys or digital signatures generated using the library, during the period September 2006 to May 2008, are insecure.
Security advisories from the Debian and Ubuntu teams have said that, as well as patching the library, administrators need to regenerate any keys that have used the Debian version of OpenSSL.
This includes those on other Linux systems used in public key authentication for secure remote logins if they originated on Debian systems. Exploit code, that takes advantage of the flaw, is already circulating and demonstrates the relative ease with which an attacker can obtain remote super-user access on a compromised system.
The main version of OpenSSL is not affected by the flaw, prompting some observers to note that the Debian project has been too insular by not propagating code back up to the project teams for review.
"It is in the best interests of everyone, distributions, projects and users, for changes made downstream to make their way back upstream," said Jake Edge, of Linux Weekly News.
"In order for that to work, there must be a commitment by downstream entities - typically distributions, but sometimes users - to push their changes upstream. By the same token, projects must actively encourage that kind of activity by helping patch proposals and proposers along."
Debian programmer Kurt Roeckx removed the code from the library after it triggered a warning from a memory debugging tool. The routine is a critical part of the random number generator used in generating cryptographic keys. Without it, keys that are supposed to be 'unguessable' revert to one of 32 000-odd values, easily cracked by trial and error.
Share