CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption in mod_auth_openidc
First published: Mon Jul 26 2021(Updated: )
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and AAD. It is important to fix because this creates a static nonce and since aes-gcm is a stream cipher, this can lead to known cryptographic issues, since the same key is being reused. From 2.4.9 onwards this has been patched to use dynamic values through usage of cjose AES encryption routines.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openidc Mod Auth Openidc | <2.4.9 | |
| Apache HTTP server | >=2.0.0<=2.4.48 | |
| Fedoraproject Fedora | =33 | |
| Fedoraproject Fedora | =34 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/zmartzone/mod_auth_openidc/commit/375407c16c61a70b56fdbe13b0d2c8f11398e92c
- https://github.com/zmartzone/mod_auth_openidc/releases/tag/v2.4.9
- https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-px3c-6x7j-3r9r
- https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZVF6BSJLRQZ7PFFR4X5JSU6KUJYNOCU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FZVF6BSJLRQZ7PFFR4X5JSU6KUJYNOCU/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXAWKPT5LXZSUTFSJ6IWSZC7RMYYQXQD/
Frequently Asked Questions
What is CVE-2021-32791?
CVE-2021-32791 is a vulnerability in mod_auth_openidc that allows an attacker to bypass encryption and potentially perform unauthorized actions.
What is the severity of CVE-2021-32791?
The severity of CVE-2021-32791 is medium, with a CVSS score of 5.9.
How does CVE-2021-32791 affect mod_auth_openidc?
CVE-2021-32791 affects mod_auth_openidc versions prior to 2.4.9, allowing for the use of a static initialization vector (IV) in AES GCM encryption, which weakens the encryption strength.
How can I fix CVE-2021-32791?
To fix CVE-2021-32791, you should update mod_auth_openidc to version 2.4.9 or later, which resolves the vulnerability by using a random IV for AES GCM encryption.
Are there any references related to CVE-2021-32791?
Yes, you can find more information about CVE-2021-32791 at these references: [GitHub Commit](https://github.com/zmartzone/mod_auth_openidc/commit/375407c16c61a70b56fdbe13b0d2c8f11398e92c), [GitHub Release](https://github.com/zmartzone/mod_auth_openidc/releases/tag/v2.4.9), [GitHub Security Advisory](https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-px3c-6x7j-3r9r).
- collector/nvd-index
- agent/weakness
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/title
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/openidc
- canonical/openidc mod auth openidc
- vendor/apache
- canonical/apache http server
- version/apache http server/2.0.0
- version/apache http server/2.4.48
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/33
- version/fedoraproject fedora/34