Java 15 introduced a cryptographic vulnerability

Oracle has patched a vulnerability in server-side Java that allowed an attacker to forge some kinds of SSL certificates and handshakes, along with several kinds of authentication messages.

The vulnerabilities were discovered by ForgeRock security researcher Neil Madden and documented here.

“If you are using ECDSA [elliptic curve digital signature algorithm] signatures for any of these security mechanisms, then an attacker can trivially and completely bypass them if your server is running any Java 15, 16, 17, or 18 version before the April 2022 Critical Patch Update (CPU),” Madden wrote of CVE-2022-21449.

“For context, almost all WebAuthn/FIDO [Fast IDentity Online] devices in the real world (including Yubikeys) use ECDSA signatures and many OIDC [OpenID Connect] providers use ECDSA-signed JWTs.”

Madden points out that the affected versions of Java fail to check that two key variables in the ECDSA are not tested to ensure they’re non-zero.

As a result, an attacker can present any signature value in which those variables are zero – “the digital equivalent of a blank ID card” – and it will be accepted by the server as valid.

He said the bug was introduced by a rewrite of the relevant code from C++ to Java, which happened when Java 15 was released in 2020.

The bug was discovered and reported last November, and fixed in Oracle’s April Critical Patch Update (CPU).

While Oracle only assigned the bug 7.5 (high rated) under the Common Vulnerability Scoring System, ForgeRock disagreed, rating it 10.0 “due to the wide range of impacts on different functionality in an access management context”.

The Java bug is one of more than 500 patches released in the April CPU.

Update: Yubico has emailed iTnews to say the vulnerability is not present in its firmware.

"“Yubico is aware of this issue and how it affects Oracle Java 15+ and OpenJDK, including other JDKs derived from OpenJDK," the company said.

"This vulnerability is not in the YubiKey firmware or the WebAuthn protocol, and we recommend organisations and individuals patch their Java deployments. Yubico will continue to provide further guidance on best practices as appropriate in the future.”