Ive taken a look at these PRs and I am a still a little uncertain of this change. Also this probably belongs on dev@ not user@ so moving there.
Is anyone else familiar with Tink / this code path able to take a look? Twitter: https://twitter.com/holdenkarau Fight Health Insurance: https://www.fighthealthinsurance.com/ <https://www.fighthealthinsurance.com/?q=hk_email> Books (Learning Spark, High Performance Spark, etc.): https://amzn.to/2MaRAG9 <https://amzn.to/2MaRAG9> YouTube Live Streams: https://www.youtube.com/user/holdenkarau Pronouns: she/her On Mon, Jun 22, 2026 at 11:00 PM Akira Ajisaka <[email protected]> wrote: > Hi team, > > Thank you for the announcement. > > > To mitigate this issue, users should either configure > spark.network.crypto.cipher to AES/GCM/NoPadding to enable authenticated > encryption or enable SSL encryption by setting spark.ssl.enabled to true, > which provides stronger transport security. > > We enabled spark.network.crypto.cipher to AES/GCM/NoPadding on the > Spark on YARN cluster, and we faced job failures > (https://issues.apache.org/jira/browse/SPARK-56227). I created a patch > to fix these failures, and the PRs are ready: > > - https://github.com/apache/spark/pull/55028 (for master) > - https://github.com/apache/spark/pull/55621 (for branch-3.5) > > Since we are running Spark 3.x and SSL encryption is not available, we > would like to use AES/GCM/NoPadding. How can I proceed to merge this > fix into master and branch-3.5? > > Best regards, > Akira Ajisaka > > On Wed, Oct 15, 2025 at 4:48 AM Holden Karau <[email protected]> wrote: > > > > Severity: moderate > > > > Affected versions: > > > > - Apache Spark (org.apache.spark:spark-network-common_2.13) 3.5.0 before > 3.5.2 > > - Apache Spark (org.apache.spark:spark-network-common_2.13) before 3.4.4 > > - Apache Spark (org.apache.spark:spark-network-common_2.12) 3.5.0 before > 3.5.2 > > - Apache Spark (org.apache.spark:spark-network-common_2.12) before 3.4.4 > > > > Description: > > > > This issue affects Apache Spark versions before 3.4.4, 3.5.2 and 4.0.0. > > > > > > > > Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure > default network encryption cipher for RPC communication between nodes. > > > > When spark.network.crypto.enabled is set to true (it is set to false by > default), but spark.network.crypto.cipher is not explicitly configured, > Spark defaults to AES in CTR mode (AES/CTR/NoPadding), which provides > encryption without authentication. > > > > This vulnerability allows a man-in-the-middle attacker to modify > encrypted RPC traffic undetected by flipping bits in ciphertext, > potentially compromising heartbeat messages or application data and > affecting the integrity of Spark workflows. > > > > > > To mitigate this issue, users should either configure > spark.network.crypto.cipher to AES/GCM/NoPadding to enable authenticated > encryption or > > > > enable SSL encryption by setting spark.ssl.enabled to true, which > provides stronger transport security. > > > > References: > > > > https://spark.apache.org/ > > https://www.cve.org/CVERecord?id=CVE-2025-55039 > > > > > > --------------------------------------------------------------------- > > To unsubscribe e-mail: [email protected] > > > > --------------------------------------------------------------------- > To unsubscribe e-mail: [email protected] > >
