Hi team,

Thank you for the announcement.

> To mitigate this issue, users should either configure 
> spark.network.crypto.cipher to AES/GCM/NoPadding to enable authenticated 
> encryption or enable SSL encryption by setting spark.ssl.enabled to true, 
> which provides stronger transport security.

We enabled spark.network.crypto.cipher to AES/GCM/NoPadding on the
Spark on YARN cluster, and we faced job failures
(https://issues.apache.org/jira/browse/SPARK-56227). I created a patch
to fix these failures, and the PRs are ready:

- https://github.com/apache/spark/pull/55028 (for master)
- https://github.com/apache/spark/pull/55621 (for branch-3.5)

Since we are running Spark 3.x and SSL encryption is not available, we
would like to use AES/GCM/NoPadding. How can I proceed to merge this
fix into master and branch-3.5?

Best regards,
Akira Ajisaka

On Wed, Oct 15, 2025 at 4:48 AM Holden Karau <[email protected]> wrote:
>
> Severity: moderate
>
> Affected versions:
>
> - Apache Spark (org.apache.spark:spark-network-common_2.13) 3.5.0 before 3.5.2
> - Apache Spark (org.apache.spark:spark-network-common_2.13) before 3.4.4
> - Apache Spark (org.apache.spark:spark-network-common_2.12) 3.5.0 before 3.5.2
> - Apache Spark (org.apache.spark:spark-network-common_2.12) before 3.4.4
>
> Description:
>
> This issue affects Apache Spark versions before  3.4.4, 3.5.2 and 4.0.0.
>
>
>
> Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure default 
> network encryption cipher for RPC communication between nodes.
>
> When spark.network.crypto.enabled is set to true (it is set to false by 
> default), but spark.network.crypto.cipher is not explicitly configured, Spark 
> defaults to AES in CTR mode (AES/CTR/NoPadding), which provides encryption 
> without authentication.
>
> This vulnerability allows a man-in-the-middle attacker to modify encrypted 
> RPC traffic undetected by flipping bits in ciphertext, potentially 
> compromising heartbeat messages or application data and affecting the 
> integrity of Spark workflows.
>
>
> To mitigate this issue, users should either configure 
> spark.network.crypto.cipher to AES/GCM/NoPadding to enable authenticated 
> encryption or
>
> enable SSL encryption by setting spark.ssl.enabled to true, which provides 
> stronger transport security.
>
> References:
>
> https://spark.apache.org/
> https://www.cve.org/CVERecord?id=CVE-2025-55039
>
>
> ---------------------------------------------------------------------
> To unsubscribe e-mail: [email protected]
>

---------------------------------------------------------------------
To unsubscribe e-mail: [email protected]

Reply via email to