Headline
Ubuntu Security Notice USN-6753-1
Ubuntu Security Notice 6753-1 - Thomas Neil James Shadwell discovered that CryptoJS was using an insecure cryptographic default configuration. A remote attacker could possibly use this issue to expose sensitive information.
==========================================================================
Ubuntu Security Notice USN-6753-1
April 25, 2024
cryptojs vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS (Available with Ubuntu Pro)
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
Summary:
CryptoJS could be made to expose sensitive information.
Software Description:
- cryptojs: collection of cryptographic algorithms implemented in JavaScript
Details:
Thomas Neil James Shadwell discovered that CryptoJS was using an insecure
cryptographic default configuration. A remote attacker could possibly use
this issue to expose sensitive information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS (Available with Ubuntu Pro):
libjs-cryptojs 3.1.2+dfsg-3ubuntu0.22.04.1~esm1
Ubuntu 20.04 LTS:
libjs-cryptojs 3.1.2+dfsg-2ubuntu0.20.04.1
Ubuntu 18.04 LTS (Available with Ubuntu Pro):
libjs-cryptojs 3.1.2+dfsg-2ubuntu0.18.04.1~esm1
Ubuntu 16.04 LTS (Available with Ubuntu Pro):
libjs-cryptojs 3.1.2+dfsg-2ubuntu0.16.04.1~esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-6753-1
CVE-2023-46233
Package Information:
https://launchpad.net/ubuntu/+source/cryptojs/3.1.2+dfsg-2ubuntu0.20.04.1
Related news
Maintainer: please click 'request CVE' when accepting this report so that upstream fixes of this vulnerability can be tracked. **Thank you for your hard work maintaining this package.** ### Impact #### Summary Crypto-js PBKDF2 is 1,000 times weaker than originally specified in 1993, and [at least 1,300,000 times weaker than current industry standard][OWASP PBKDF2 Cheatsheet]. This is because it both (1) defaults to [SHA1][SHA1 wiki], a cryptographic hash algorithm considered insecure [since at least 2005][Cryptanalysis of SHA-1] and (2) defaults to [one single iteration][one iteration src], a 'strength' or 'difficulty' value specified at 1,000 when specified in 1993. PBKDF2 relies on iteration count as a countermeasure to [preimage][preimage attack] and [collision][collision attack] attacks. Potential Impact: 1. If used to protect passwords, the impact is high. 2. If used to generate signatures, the impact is high. Probability / risk analysis / attack enumeration: 1. [For at most ...
crypto-js is a JavaScript library of crypto standards. Prior to version 4.2.0, crypto-js PBKDF2 is 1,000 times weaker than originally specified in 1993, and at least 1,300,000 times weaker than current industry standard. This is because it both defaults to SHA1, a cryptographic hash algorithm considered insecure since at least 2005, and defaults to one single iteration, a 'strength' or 'difficulty' value specified at 1,000 when specified in 1993. PBKDF2 relies on iteration count as a countermeasure to preimage and collision attacks. If used to protect passwords, the impact is high. If used to generate signatures, the impact is high. Version 4.2.0 contains a patch for this issue. As a workaround, configure crypto-js to use SHA256 with at least 250,000 iterations.