OpenWrt Project: OPENWRT-SA-2019-11-05-3
Jan 26, 2020 - 4:47 p.m.

Security Advisory 2019-11-05-3 - ustream-ssl information disclosure (CVE-2019-5101, CVE-2019-5102)

2020-01-26 16:47:21
OpenWrt Project
openwrt.org

CVSS3: 5.9 Medium
  Attack Vector: NETWORK
  Attack Complexity: HIGH
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: NONE
  Availability Impact: NONE
  Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS2: 4.3 Medium
  Access Vector: NETWORK
  Access Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: NONE
  Availability Impact: NONE
  Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS: 0.001 Low
  Percentile: 42.1%

DESCRIPTION
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt. When connecting to a remote server, the server’s SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by performing a man-in-the-middle attack, providing any certificate, leading to the theft of all the data sent by the client during the first request.

REQUIREMENTS
To exploit this vulnerability, a malicious actor needs to perform a man-in-the-middle attack, presenting a requesting ustream-ssl client with any invalid certificate. The ustream-ssl client will eventually tear down the SSL connection because of the invalid certificate, but only after flushing pending data, e.g. the HTTP request payload in the case of an HTTPS client application.

MITIGATIONS
To fix this issue, update the affected ustream-ssl packages using the command below.

 opkg update; opkg upgrade libustream-mbedtls libustream-openssl

The fix is contained in the following and later versions:

  • OpenWrt master: 2019-11-05-c9b66682-1

  • OpenWrt 19.07: 2019-08-17-e8f9c22d-2

  • OpenWrt 18.06: 2018-07-30-23a3f283-2
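
The following check is an added example, not part of the OpenWrt advisory: it reads `opkg list-installed` output and compares the two ustream-ssl packages against the fixed version listed above for a given branch. The function names and the version-ordering rule (date first, then the trailing release number) are assumptions, and the sample input is constructed.

```sh
# Fixed package version per branch, copied from the MITIGATIONS list above.
fixed_version() {
    case "$1" in
        master) echo "2019-11-05-c9b66682-1" ;;
        19.07)  echo "2019-08-17-e8f9c22d-2" ;;
        18.06)  echo "2018-07-30-23a3f283-2" ;;
        *)      return 1 ;;
    esac
}

# is_fixed INSTALLED FIXED: succeeds if INSTALLED is at or after FIXED.
# Assumption: versions are YYYY-MM-DD-<commit>-<release>, date ordered first.
is_fixed() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]-*-*) ;;
        *) return 1 ;;                      # unparseable: treat as not fixed
    esac
    case "${1##*-}" in ''|*[!0-9]*) return 1 ;; esac
    inst_date=$(echo "$1" | cut -d- -f1-3 | tr -d '-')
    fix_date=$(echo "$2" | cut -d- -f1-3 | tr -d '-')
    if [ "$inst_date" -ne "$fix_date" ]; then
        [ "$inst_date" -gt "$fix_date" ]
    else
        [ "${1##*-}" -ge "${2##*-}" ]
    fi
}

# audit_ustream BRANCH: reads "name - version" lines on stdin; returns 1 if
# any ustream-ssl package is older than the fix, 2 for an unknown branch.
audit_ustream() {
    fixed=$(fixed_version "$1") || { echo "unknown branch: $1" >&2; return 2; }
    rc=0
    while read -r pkg _sep ver; do
        case "$pkg" in
            libustream-mbedtls|libustream-openssl) ;;
            *) continue ;;
        esac
        if is_fixed "$ver" "$fixed"; then
            echo "$pkg $ver FIXED"
        else
            echo "$pkg $ver VULNERABLE"; rc=1
        fi
    done
    return $rc
}

# Constructed sample input, not captured from a real device.
audit_ustream 18.06 <<'EOF' || echo "run: opkg update; opkg upgrade libustream-mbedtls libustream-openssl"
libustream-mbedtls - 2018-07-30-23a3f283-1
EOF
```

On a device, pipe the real package list in: `opkg list-installed | audit_ustream 18.06`.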

AFFECTED VERSIONS
To our knowledge, OpenWrt versions 18.06.0 to 18.06.4 are affected. The fixed packages are integrated in the OpenWrt 18.06.5, OpenWrt 19.07.0-rc1 and subsequent releases. Older versions of OpenWrt (e.g. OpenWrt 15.05 and LEDE 17.01) are end of life and not supported any more.

CREDITS
The issue has been reported by Claudio Bozzato of Cisco Talos on 11th September 2019 (<http://talosintelligence.com/vulnerability-reports/>).

The issue has been fixed by Jo-Philipp Wich <jo at mein.io>
