CVE-2023-40217: Unauthenticated Data Leakage in Python TLS Client Authentication

A security vulnerability (CVE-2023-40217) has been discovered in multiple versions of Python, primarily affecting servers (such as HTTP servers) that use TLS client authentication. The issue has been observed in the following Python versions:

Description

The security issue lies in the handling of TLS server-side sockets. When a server-side socket is created, it briefly enters a state where it appears to be "not connected." During this window, if the socket receives data and is then quickly closed, the SSLSocket instance will not initiate a handshake. Simultaneously, the buffered data remains readable from the socket buffer.

This unauthenticated data is problematic when the server-side TLS peer expects client certificate authentication, as it is indistinguishable from valid TLS stream data. However, the amount of data that can be leaked is limited to what can fit in the buffer. It is not possible to exploit this issue for direct data exfiltration since the vulnerable code path necessitates closing the connection upon initialization of the SSLSocket.

Code Snippet

Consider the following Python code snippet, which demonstrates the creation of a server-side TLS socket:

import socket
import ssl

# Create a server socket
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.bind(('localhost', 12345))
sock.listen(1)

# Wrap the socket with TLS
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
context.load_cert_chain('server-cert.pem', 'server-key.pem')
context.load_verify_locations('client-ca.pem')
context.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1  # Disable older protocols

# Accept the connection and create an SSLSocket
client_socket, addr = sock.accept()
client_tls_socket = context.wrap_socket(client_socket, server_side=True)

The issue arises if the server-side socket receives data and is closed quickly before the handshake starts.

Exploit Details

An attacker can exploit this vulnerability by sending unauthenticated data to the server-side socket during the brief window when it appears as "not connected." The unauthenticated data can be read without any verification or validation, leading to a potential information leak.

Mitigation

To mitigate the vulnerability, users should upgrade their Python installations to patched versions – 3.8.18, 3.9.18, 3.10.13, and 3.11.5 onwards. Upgrading to the latest version of Python can help eliminate the identified security issue and protect against other vulnerabilities discovered since earlier releases.

Original References

1. Python Security Advisory: CVE-2023-40217
2. Python Changelog: Python 3.8.18, Python 3.9.18, Python 3.10.13, Python 3.11.5

Conclusion

With the discovery of CVE-2023-40217, it is crucial for Python users to act immediately to protect their servers from unauthenticated data leakage. By updating to patched Python versions and staying vigilant for new security updates, you can better shield your servers from potential threats.

Timeline

Published on: 08/25/2023 01:15:00 UTC
Last modified on: 09/20/2023 22:15:00 UTC