FreeBSD Random Number Generator Vulnerability

John-Mark Gurney of the FreeBSD development team announced a vulnerability affecting the FreeBSD Random Number Generator (RNG) code in 11-CURRENT. Since HardenedBSD is based on 11-CURRENT, HardenedBSD is affected.

FreeBSD recently updated its random number generator to support a modular (pluggable) RNG framework. When the code was imported, the developer failed to initialize the RNG upon system boot. This means that those who call into the arc4random-based RNG were not being returned good random data. The vulnerability was introduced into 11-CURRENT four months ago, from SVN revision 273872 (HardenedBSD: fce6747f55fd538917f2bd60e601dc95866c16d0) until 278907 (HardenedBSD: 90229b36302992f0f8aad15d910a0510ada82596). SSH keys, keys and certificates generated by OpenSSL, and other utilities during that time period should be regenerated. Even ephemeral keys could be affected. When in doubt, revoke and regenerate.

As our followers know, we recently added HTTPS to our site and we recently started signing our nightly build artifacts with GPG. We have revoked the keys that were recently created and we have generated new keys. Within ten minutes of the release announcement, Shawn Webb was on the phone with DigiCert to revoke and regenerate the new SSL/TLS certificate. You can rest assured that the HardenedBSD core team was quick on their feet and responded quickly and efficiently. Our new GPG key has a Key ID of 819B11A26FFD188D and a fingerprint of BB53 388D 3BD9 8928 15CB 9E30 819B 11A2 6FFD 188D.

Remediation:

  1. Update source to latest HardenedBSD commit
  2. Build world and kernel
  3. Install world and kernel
  4. Reboot
  5. Regenerate keys