Ive taken a look at these PRs and I am a still a little uncertain of this
change. Also this probably belongs on dev@ not user@ so moving there.

Is anyone else familiar with Tink / this code path able to take a look?


Twitter: https://twitter.com/holdenkarau
Fight Health Insurance: https://www.fighthealthinsurance.com/
<https://www.fighthealthinsurance.com/?q=hk_email>
Books (Learning Spark, High Performance Spark, etc.):
https://amzn.to/2MaRAG9  <https://amzn.to/2MaRAG9>
YouTube Live Streams: https://www.youtube.com/user/holdenkarau
Pronouns: she/her

On Mon, Jun 22, 2026 at 11:00 PM Akira Ajisaka <[email protected]> wrote:

> Hi team,
>
> Thank you for the announcement.
>
> > To mitigate this issue, users should either configure
> spark.network.crypto.cipher to AES/GCM/NoPadding to enable authenticated
> encryption or enable SSL encryption by setting spark.ssl.enabled to true,
> which provides stronger transport security.
>
> We enabled spark.network.crypto.cipher to AES/GCM/NoPadding on the
> Spark on YARN cluster, and we faced job failures
> (https://issues.apache.org/jira/browse/SPARK-56227). I created a patch
> to fix these failures, and the PRs are ready:
>
> - https://github.com/apache/spark/pull/55028 (for master)
> - https://github.com/apache/spark/pull/55621 (for branch-3.5)
>
> Since we are running Spark 3.x and SSL encryption is not available, we
> would like to use AES/GCM/NoPadding. How can I proceed to merge this
> fix into master and branch-3.5?
>
> Best regards,
> Akira Ajisaka
>
> On Wed, Oct 15, 2025 at 4:48 AM Holden Karau <[email protected]> wrote:
> >
> > Severity: moderate
> >
> > Affected versions:
> >
> > - Apache Spark (org.apache.spark:spark-network-common_2.13) 3.5.0 before
> 3.5.2
> > - Apache Spark (org.apache.spark:spark-network-common_2.13) before 3.4.4
> > - Apache Spark (org.apache.spark:spark-network-common_2.12) 3.5.0 before
> 3.5.2
> > - Apache Spark (org.apache.spark:spark-network-common_2.12) before 3.4.4
> >
> > Description:
> >
> > This issue affects Apache Spark versions before  3.4.4, 3.5.2 and 4.0.0.
> >
> >
> >
> > Apache Spark versions before 4.0.0, 3.5.2 and 3.4.4 use an insecure
> default network encryption cipher for RPC communication between nodes.
> >
> > When spark.network.crypto.enabled is set to true (it is set to false by
> default), but spark.network.crypto.cipher is not explicitly configured,
> Spark defaults to AES in CTR mode (AES/CTR/NoPadding), which provides
> encryption without authentication.
> >
> > This vulnerability allows a man-in-the-middle attacker to modify
> encrypted RPC traffic undetected by flipping bits in ciphertext,
> potentially compromising heartbeat messages or application data and
> affecting the integrity of Spark workflows.
> >
> >
> > To mitigate this issue, users should either configure
> spark.network.crypto.cipher to AES/GCM/NoPadding to enable authenticated
> encryption or
> >
> > enable SSL encryption by setting spark.ssl.enabled to true, which
> provides stronger transport security.
> >
> > References:
> >
> > https://spark.apache.org/
> > https://www.cve.org/CVERecord?id=CVE-2025-55039
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe e-mail: [email protected]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe e-mail: [email protected]
>
>

Reply via email to