In this blog post, we will take an in-depth look at the CVE-2011-4109 vulnerability, which is a double free vulnerability in OpenSSL .9.8 versions before .9.8s. We will discuss the issue, its impact, and how it can be exploited by remote attackers to cause serious damage. We will also provide code snippets and links to original references, in order to give you a comprehensive understanding of the problem.

What is OpenSSL and Double Free Vulnerability?
OpenSSL is an open-source cryptographic library and toolkit that provides Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. It is widely used by servers to ensure secure communication over the Internet. A double free vulnerability refers to a type of memory corruption issue that occurs when a program frees a particular memory block twice, leading to unpredictable behavior and potential crashes or code execution by an attacker.

The Issue: CVE-2011-4109
The CVE-2011-4109 vulnerability affects OpenSSL .9.8 versions before .9.8s and occurs when the X509_V_FLAG_POLICY_CHECK flag is enabled. This flag is responsible for allowing certificate policies to be checked during the SSL/TLS handshake. An attacker can exploit this vulnerability by triggering a failure in a policy check, which would cause a double free of the same memory block. This can lead to crashes and other unexpected behavior, as well as the potential for arbitrary code execution.

Exploit Details
To understand how the vulnerability can be exploited, let's look at the relevant code snippet from the OpenSSL source code. The problematic code is present in the 'x509/x509_vfy.c' file.

int X509_verify_cert(X509_STORE_CTX *ctx)
{
...
    } else if (num > 1) {
        if (!(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS))
            xobj = find_issuer_any(ctx, sk);
        if (!xobj) {
...
bad:
    for (j = ; j < sk_X509_num(ctx->chain); j++) {
        X509 *xx509 = sk_X509_shift(ctx->chain);
...
        ctx->parent = ctx->chain->prev;
        if (!sk_X509_push(to_sk_x509(ctx->parent), xx509))
            X509_free(xx509);
        else
            ctx->bad_chain = 1;
        }
    if (ctx->bad_chain != )
        sk_X509_pop(ctx->chain);
    goto out;

The issue arises in the 'bad' label, where an SSL/TLS certificate fails a policy check and the code attempts to free the memory of a certificate object (xx509) twice using X509_free. This can lead to unpredictable behavior or crashes.

To exploit this vulnerability, an attacker would need to initiate an SSL/TLS session with a target server and trigger a certificate policy check failure. The attacker would require a crafted certificate that fails the policy check but passes the initial verification steps, allowing the attacker to reach the 'bad' label in the code.

Mitigation and Upgrade Path
To protect your server against the CVE-2011-4109 vulnerability, it is recommended to upgrade OpenSSL to .9.8s or newer versions. This will ensure that the double free issue is resolved and will not be exploitable by attackers.

Conclusion
CVE-2011-4109 is a double free vulnerability in OpenSSL .9.8 that can be exploited by attackers to cause crashes or execute arbitrary code on the target system. It is crucial to understand this vulnerability and its potential impact, as well as the importance of upgrading OpenSSL to a newer, secure version.

Here are some original references to help you understand the issue further

1. OpenSSL Security Advisory
2. NVD CVE-2011-4109
3. RedHat Bugzilla Report

Stay informed about security vulnerabilities and always make sure to keep your software updated to prevent any exploitation of known issues.

Timeline

Published on: 01/06/2012 01:55:00 UTC
Last modified on: 08/29/2017 01:30:27 UTC