[openssl/openssl] bc2f61: aesv8-armx.pl: Avoid buffer overrread in AES-XTS d...

Tomáš Mráz noreply at github.com
Thu Apr 20 15:52:37 UTC 2023


  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: bc2f61ad70971869b242fc1cb445b98bad50074a
      https://github.com/openssl/openssl/commit/bc2f61ad70971869b242fc1cb445b98bad50074a
  Author: Tomas Mraz <tomas at openssl.org>
  Date:   2023-04-20 (Thu, 20 Apr 2023)

  Changed paths:
    M CHANGES.md
    M NEWS.md
    M crypto/aes/asm/aesv8-armx.pl

  Log Message:
  -----------
  aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption

Original author: Nevine Ebeid (Amazon)
Fixes: CVE-2023-1255

The buffer overread happens on decrypts of 4 mod 5 sizes.
Unless the memory just after the buffer is unmapped this is harmless.

Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove at arm.com>
(Merged from https://github.com/openssl/openssl/pull/20759)

(cherry picked from commit 72dfe46550ee1f1bbfacd49f071419365bc23304)




More information about the openssl-commits mailing list