[openssl/openssl] 4679cf: Fix type confusion in nc_match_single()
Tomáš Mráz
noreply at github.com
Tue Feb 7 16:32:16 UTC 2023
Branch: refs/heads/openssl-3.1
Home: https://github.com/openssl/openssl
Commit: 4679cfce391d249aa52261e3de63c2dc5763bc21
https://github.com/openssl/openssl/commit/4679cfce391d249aa52261e3de63c2dc5763bc21
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/x509/v3_ncons.c
Log Message:
-----------
Fix type confusion in nc_match_single()
This function assumes that if the "gen" is an OtherName, then the "base"
is an rfc822Name constraint. This assumption is not true in all cases.
If the end-entity certificate contains an OtherName SAN of any type besides
SmtpUtf8Mailbox and the CA certificate contains a name constraint of
OtherName (of any type), then "nc_email_eai" will be invoked, with the
OTHERNAME "base" being incorrectly interpreted as an ASN1_IA5STRING.
Reported by Corey Bonnell from Digicert.
CVE-2022-4203
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: e2d0a3b5f559e23f11e4d4687b2889b483afb22a
https://github.com/openssl/openssl/commit/e2d0a3b5f559e23f11e4d4687b2889b483afb22a
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
A test/certs/bad-othername-cert.pem
A test/certs/nccaothername-cert.pem
A test/certs/nccaothername-key.pem
M test/certs/setup.sh
M test/recipes/25-test_verify.t
Log Message:
-----------
Add testcase for nc_match_single type confusion
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Commit: 8022a4799fe884b3bf8d538e2b4c4ec323663118
https://github.com/openssl/openssl/commit/8022a4799fe884b3bf8d538e2b4c4ec323663118
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/bn/bn_blind.c
M crypto/bn/bn_local.h
M crypto/bn/build.info
A crypto/bn/rsa_sup_mul.c
M crypto/rsa/rsa_ossl.c
M include/crypto/bn.h
Log Message:
-----------
Fix Timing Oracle in RSA decryption
A timing based side channel exists in the OpenSSL RSA Decryption
implementation which could be sufficient to recover a plaintext across
a network in a Bleichenbacher style attack. To achieve a successful
decryption an attacker would have to be able to send a very large number
of trial messages for decryption. The vulnerability affects all RSA
padding modes: PKCS#1 v1.5, RSA-OAEP and RSASVE.
Patch written by Dmitry Belyavsky and Hubert Kario
CVE-2022-4304
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 7e1d8445b57203211413259eeb53bb4a9400021a
https://github.com/openssl/openssl/commit/7e1d8445b57203211413259eeb53bb4a9400021a
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/pem/pem_lib.c
Log Message:
-----------
Avoid dangling ptrs in header and data params for PEM_read_bio_ex
In the event of a failure in PEM_read_bio_ex() we free the buffers we
allocated for the header and data buffers. However we were not clearing
the ptrs stored in *header and *data. Since, on success, the caller is
responsible for freeing these ptrs this can potentially lead to a double
free if the caller frees them even on failure.
Thanks to Dawei Wang for reporting this issue.
Based on a proposed patch by Kurt Roeckx.
CVE-2022-4450
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: de3ab47deb9ebb5e7cb63d2d761a9a494f138573
https://github.com/openssl/openssl/commit/de3ab47deb9ebb5e7cb63d2d761a9a494f138573
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/pemtest.c
Log Message:
-----------
Add a test for CVE-2022-4450
Call PEM_read_bio_ex() and expect a failure. There should be no dangling
ptrs and therefore there should be no double free if we free the ptrs on
error.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Hugo Landau <hlandau at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 16f263d7ad36b68721887815c58add143a858aad
https://github.com/openssl/openssl/commit/16f263d7ad36b68721887815c58add143a858aad
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/asn1/bio_ndef.c
Log Message:
-----------
Fix a UAF resulting from a bug in BIO_new_NDEF
If the aux->asn1_cb() call fails in BIO_new_NDEF then the "out" BIO will
be part of an invalid BIO chain. This causes a "use after free" when the
BIO is eventually freed.
Based on an original patch by Viktor Dukhovni and an idea from Theo
Buehler.
Thanks to Octavio Galland for reporting this issue.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: ae72afd02814944839b1de9322becb2ba75a069c
https://github.com/openssl/openssl/commit/ae72afd02814944839b1de9322becb2ba75a069c
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/80-test_cms.t
A test/smime-certs/badrsa.pem
Log Message:
-----------
Check CMS failure during BIO setup with -stream is handled correctly
Test for the issue fixed in the previous commit
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: fc173dc3105746c9f381e939041329f8ad94799a
https://github.com/openssl/openssl/commit/fc173dc3105746c9f381e939041329f8ad94799a
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/pkcs7/pk7_lib.c
Log Message:
-----------
Do not dereference PKCS7 object data if not set
Fixes CVE-2023-0216
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
Commit: c05921c4b833909cbf998787a05e15c4fb8650d4
https://github.com/openssl/openssl/commit/c05921c4b833909cbf998787a05e15c4fb8650d4
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/25-test_pkcs7.t
A test/recipes/25-test_pkcs7_data/malformed.pkcs7
Log Message:
-----------
Add test for d2i_PKCS7 NULL dereference
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
Reviewed-by: Paul Dale <pauli at openssl.org>
Commit: 6e0760302b4906560034a386d30199d25816518f
https://github.com/openssl/openssl/commit/6e0760302b4906560034a386d30199d25816518f
Author: slontis <shane.lontis at oracle.com>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/ffc/ffc_key_validate.c
M include/internal/ffc.h
M test/ffc_internal_test.c
Log Message:
-----------
Fix NULL dereference when validating FFC public key.
Fixes CVE-2023-0217
When attempting to do a BN_copy of params->p there was no NULL check.
Since BN_copy does not check for NULL this is a NULL reference.
As an aside BN_cmp() does do a NULL check, so there are other checks
that fail because a NULL is passed. A more general check for NULL params
has been added for both FFC public and private key validation instead.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 9ce43690ceed80fee06dbc3caa454c281234b859
https://github.com/openssl/openssl/commit/9ce43690ceed80fee06dbc3caa454c281234b859
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M providers/implementations/keymgmt/dh_kmgmt.c
M providers/implementations/keymgmt/dsa_kmgmt.c
Log Message:
-----------
Prevent creating DSA and DH keys without parameters through import
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Commit: b2dc025d149884f2e289e3180876d724171f401e
https://github.com/openssl/openssl/commit/b2dc025d149884f2e289e3180876d724171f401e
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/x509/x_pubkey.c
M include/crypto/x509.h
M providers/implementations/encode_decode/decode_der2key.c
Log Message:
-----------
Do not create DSA keys without parameters by decoder
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Commit: de4e3868de2de12fb799a1cdbba87c44b61cf3e2
https://github.com/openssl/openssl/commit/de4e3868de2de12fb799a1cdbba87c44b61cf3e2
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/91-test_pkey_check.t
A test/recipes/91-test_pkey_check_data/dsapub.pem
A test/recipes/91-test_pkey_check_data/dsapub_noparam.der
Log Message:
-----------
Add test for DSA pubkey without param import and check
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
Commit: 84d85fcabd6d8f3740ad015bda329512630799df
https://github.com/openssl/openssl/commit/84d85fcabd6d8f3740ad015bda329512630799df
Author: Hugo Landau <hlandau at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M CHANGES.md
M crypto/x509/v3_genn.c
M include/openssl/x509v3.h.in
M test/v3nametest.c
Log Message:
-----------
CVE-2023-0286: Fix GENERAL_NAME_cmp for x400Address (3.0)
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 4561dc7972ab08a25b1d91db3f99e0e7f72922bc
https://github.com/openssl/openssl/commit/4561dc7972ab08a25b1d91db3f99e0e7f72922bc
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
pk7_doit.c: Check return of BIO_set_md() calls
These calls invoke EVP_DigestInit() which can fail for digests
with implicit fetches. Subsequent EVP_DigestUpdate() from BIO_write()
or EVP_DigestFinal() from BIO_read() will segfault on NULL
dereference. This can be triggered by an attacker providing
PKCS7 data digested with MD4 for example if the legacy provider
is not loaded.
If BIO_set_md() fails the md BIO cannot be used.
CVE-2023-0401
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Commit: 84358a87be29225432386f13e6de66ca22dd87f6
https://github.com/openssl/openssl/commit/84358a87be29225432386f13e6de66ca22dd87f6
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/80-test_cms.t
A test/recipes/80-test_cms_data/pkcs7-md4.pem
Log Message:
-----------
Add testcase for missing return check of BIO_set_md() calls
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit at gmail.com>
Compare: https://github.com/openssl/openssl/compare/b767b00c81ad...84358a87be29
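
The out-parameter pattern behind the PEM_read_bio_ex() commit above (CVE-2022-4450), as an added example that is not OpenSSL code and not part of the original notification. toy_read(), its clear_on_fail switch and the empty-payload failure condition are hypothetical, constructed to show why a callee that frees its buffers on failure must also reset the caller's pointers.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical reader with PEM_read_bio_ex()-style out-parameters (not OpenSSL
 * code). On success the caller owns *header and *data. On failure the function
 * frees them itself; clear_on_fail selects whether it also resets them. */
static int toy_read(const char *payload, char **header, char **data,
                    int clear_on_fail)
{
    *header = malloc(sizeof("Proc-Type: none"));
    *data = malloc(strlen(payload) + 1);
    if (*header == NULL || *data == NULL)
        goto err;
    strcpy(*header, "Proc-Type: none");
    strcpy(*data, payload);
    if (payload[0] == '\0')          /* constructed failure condition */
        goto err;
    return 1;
 err:
    free(*header);
    free(*data);
    if (clear_on_fail)               /* hardened behaviour: no dangling ptrs */
        *header = *data = NULL;
    return 0;
}

/* A caller that cleans up even on failure. Returns how many already-freed
 * pointers it was left holding; those are only compared against NULL, never
 * dereferenced or passed to free(), so the demo itself stays memory-safe. */
static int stale_ptrs_after_failure(int clear_on_fail)
{
    char *header = NULL, *data = NULL;
    int ok = toy_read("", &header, &data, clear_on_fail);
    int stale = ok ? 0 : (header != NULL) + (data != NULL);

    if (stale == 0) {                /* owned buffers, or NULLs: free() is safe */
        free(header);
        free(data);
    }
    return stale;
}

int main(void)
{
    printf("stale pointers after failure: unfixed=%d fixed=%d\n",
           stale_ptrs_after_failure(0), stale_ptrs_after_failure(1));
    return 0;
}
```

A caller that unconditionally called free() on the two stale pointers in the unfixed case would free each buffer a second time; with the pointers cleared, the same cleanup reduces to free(NULL).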