
[CVE-2012-2808] Weak randomness Android DNS resolver

Android DNS poisoning: Randomness gone bad (CVE-2012-2808) Jul 24 2012 12:35PM

Roee Hay (roeeh il ibm com)


1 Introduction
===========

Recently we discovered a very interesting vulnerability in Android's DNS resolver: a weakness in its pseudo-random number generator (PRNG), which makes DNS poisoning attacks feasible.




The full advisory can be found at http://bit.ly/MkteBx

A blog post can be found at http://bit.ly/MkoU5j

Demo of our PoC can be found at http://youtu.be/ffnF7Jej7l0


2 Vulnerability
============

The PRNG that the DNS resolver uses is

random_id = 0xffff & (time_usec ^ time_sec ^ pid)




where time_sec is the current time in seconds, time_usec is the microseconds fraction and pid is the process identifier.




Both the TXID and the source port are generated by this PRNG.

Since the two calls occur back to back, the two values are strongly correlated with each other.

This yields a feasible expected attack time: we show that the number of random bits is brought down from 32 (ideally) to less than 21.





Check our advisory for full details.
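The correlation described above can be measured rather than argued about. The following Python is an added example, not code from the advisory or from Android: it implements the stated formula, draws TXID and source port the way two back-to-back calls would (an assumed gap of a few microseconds, a fixed pid), and compares the entropy left in txid ^ port against the /dev/urandom-based fix. It treats the source port as the raw 16-bit sample, which is an assumption.

```python
import math
import os
from collections import Counter

MASK = 0xFFFF
USEC_PER_SEC = 1_000_000


def weak_id(time_sec: int, time_usec: int, pid: int) -> int:
    """The resolver PRNG exactly as the advisory states it (Android <= 4.0.4)."""
    return MASK & (time_usec ^ time_sec ^ pid)


def urandom_id() -> int:
    """The patched behaviour: a 16-bit sample pulled from /dev/urandom."""
    return int.from_bytes(os.urandom(2), "big")


def entropy_bits(samples) -> float:
    """Shannon entropy, in bits, of the empirical distribution of `samples`."""
    n = len(samples)
    return -sum(c / n * math.log2(c / n) for c in Counter(samples).values())


def xor_entropy_weak(gap_usec: int, sec: int = 1_343_131_200, pid: int = 1234) -> float:
    """Entropy of txid ^ port when both come from the weak PRNG, the second
    call `gap_usec` microseconds after the first (assumed gap, assumed fixed pid),
    enumerated over every possible microsecond value of the first call."""
    diffs = []
    for usec in range(USEC_PER_SEC):
        txid = weak_id(sec, usec, pid)
        usec2, sec2 = usec + gap_usec, sec
        if usec2 >= USEC_PER_SEC:          # second call crossed a second boundary
            usec2, sec2 = usec2 - USEC_PER_SEC, sec + 1
        port = weak_id(sec2, usec2, pid)   # assumption: port is the raw 16-bit sample
        diffs.append(txid ^ port)
    return entropy_bits(diffs)


def xor_entropy_urandom(n: int = 1 << 16) -> float:
    """Same measurement for the fixed resolver: two independent urandom samples."""
    return entropy_bits([urandom_id() ^ urandom_id() for _ in range(n)])


if __name__ == "__main__":
    # Independent 16-bit samples leave roughly log2(n) bits in txid ^ port;
    # the weak PRNG collapses it to a handful of carry patterns.
    print(f"weak PRNG, 5 us apart : {xor_entropy_weak(5):.2f} bits")
    print(f"/dev/urandom          : {xor_entropy_urandom():.2f} bits")
```

The weak generator leaves only a few bits in the difference between the two values, which is the correlation the advisory's bit count rests on; a resolver drawing both from /dev/urandom shows no such collapse.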


3 Vulnerable versions
================

Android 4.0.4 and below.




4 Vendor Response
===============

Android 4.1.1 has been released, and patches are available on AOSP.

The random sample is now pulled from /dev/urandom, which should have adequate entropy by the time network activity occurs.




5 Identifier
========

CVE-2012-2808


6 Discovered by
============

Roee Hay & Roi Saltzman

IBM Application Security Research Group


7 Disclosure timeline
================

07/24/2012 Public disclosure

06/05/2012 Issue confirmed by Android Security Team and patch provided to partners.

05/21/2012 Disclosed to Android Security Team.


