[openssl/openssl] 748f47: Fix type confusion in nc_match_single()
Tomáš Mráz
noreply at github.com
Tue Feb 7 16:32:18 UTC 2023
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 748f478f814bc8e418542c68599ec7dbcbac97b2
https://github.com/openssl/openssl/commit/748f478f814bc8e418542c68599ec7dbcbac97b2
Author: Viktor Dukhovni <openssl-users at dukhovni.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/x509/v3_ncons.c
Log Message:
-----------
Fix type confusion in nc_match_single()
This function assumes that if the "gen" is an OtherName, then the "base"
is a rfc822Name constraint. This assumption is not true in all cases.
If the end-entity certificate contains an OtherName SAN of any type besides
SmtpUtf8Mailbox and the CA certificate contains a name constraint of
OtherName (of any type), then "nc_email_eai" will be invoked, with the
OTHERNAME "base" being incorrectly interpreted as a ASN1_IA5STRING.
Reported by Corey Bonnell from Digicert.
CVE-2022-4203
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 96e77bd32786209a7c7975eb8aedd6485b79e4e0
https://github.com/openssl/openssl/commit/96e77bd32786209a7c7975eb8aedd6485b79e4e0
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
A test/certs/bad-othername-cert.pem
A test/certs/nccaothername-cert.pem
A test/certs/nccaothername-key.pem
M test/certs/setup.sh
M test/recipes/25-test_verify.t
Log Message:
-----------
Add testcase for nc_match_single type confusion
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Commit: b1892d21f8f0435deb0250f24a97915dc641c807
https://github.com/openssl/openssl/commit/b1892d21f8f0435deb0250f24a97915dc641c807
Author: Dmitry Belyavskiy <beldmit at gmail.com>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/bn/bn_blind.c
M crypto/bn/bn_local.h
M crypto/bn/build.info
A crypto/bn/rsa_sup_mul.c
M crypto/rsa/rsa_ossl.c
M include/crypto/bn.h
Log Message:
-----------
Fix Timing Oracle in RSA decryption
A timing based side channel exists in the OpenSSL RSA Decryption
implementation which could be sufficient to recover a plaintext across
a network in a Bleichenbacher style attack. To achieve a successful
decryption an attacker would have to be able to send a very large number
of trial messages for decryption. The vulnerability affects all RSA
padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
Patch written by Dmitry Belyavsky and Hubert Kario
CVE-2022-4304
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: ee6243f3947107d655f6dee96f63861561a5aaeb
https://github.com/openssl/openssl/commit/ee6243f3947107d655f6dee96f63861561a5aaeb
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/pem/pem_lib.c
Log Message:
-----------
Avoid dangling ptrs in header and data params for PEM_read_bio_ex
In the event of a failure in PEM_read_bio_ex() we free the buffers we
allocated for the header and data buffers. However we were not clearing
the ptrs stored in *header and *data. Since, on success, the caller is
responsible for freeing these ptrs this can potentially lead to a double
free if the caller frees them even on failure.
Thanks to Dawei Wang for reporting this issue.
Based on a proposed patch by Kurt Roeckx.
CVE-2022-4450
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: dc341a46677fe19f055bd2eea0e3a2af21053903
https://github.com/openssl/openssl/commit/dc341a46677fe19f055bd2eea0e3a2af21053903
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/pemtest.c
Log Message:
-----------
Add a test for CVE-2022-4450
Call PEM_read_bio_ex() and expect a failure. There should be no dangling
ptrs and therefore there should be no double free if we free the ptrs on
error.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 9cc85002a1138235bdc272b837d7eb32d6b7aa95
https://github.com/openssl/openssl/commit/9cc85002a1138235bdc272b837d7eb32d6b7aa95
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/asn1/bio_ndef.c
Log Message:
-----------
Fix a UAF resulting from a bug in BIO_new_NDEF
If the aux->asn1_cb() call fails in BIO_new_NDEF then the "out" BIO will
be part of an invalid BIO chain. This causes a "use after free" when the
BIO is eventually freed.
Based on an original patch by Viktor Dukhovni and an idea from Theo
Buehler.
Thanks to Octavio Galland for reporting this issue.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 625faca931957719c76fb16094cf5b6e0debe23f
https://github.com/openssl/openssl/commit/625faca931957719c76fb16094cf5b6e0debe23f
Author: Matt Caswell <matt at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/80-test_cms.t
A test/smime-certs/badrsa.pem
Log Message:
-----------
Check CMS failure during BIO setup with -stream is handled correctly
Test for the issue fixed in the previous commit
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 80253dbdc92bec584f4a9866b43f8674156d838a
https://github.com/openssl/openssl/commit/80253dbdc92bec584f4a9866b43f8674156d838a
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/pkcs7/pk7_lib.c
Log Message:
-----------
Do not dereference PKCS7 object data if not set
Fixes CVE-2023-0216
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Commit: 3436f9c24ab90c1661e4798e7944f028d5d251ce
https://github.com/openssl/openssl/commit/3436f9c24ab90c1661e4798e7944f028d5d251ce
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/25-test_pkcs7.t
A test/recipes/25-test_pkcs7_data/malformed.pkcs7
Log Message:
-----------
Add test for d2i_PKCS7 NULL dereference
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Commit: bcec03c33cc00a7b5eb89ebeeee59e604570a86a
https://github.com/openssl/openssl/commit/bcec03c33cc00a7b5eb89ebeeee59e604570a86a
Author: slontis <shane.lontis at oracle.com>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/ffc/ffc_key_validate.c
M include/internal/ffc.h
M test/ffc_internal_test.c
Log Message:
-----------
Fix NULL deference when validating FFC public key.
Fixes CVE-2023-0217
When attempting to do a BN_Copy of params->p there was no NULL check.
Since BN_copy does not check for NULL this is a NULL reference.
As an aside BN_cmp() does do a NULL check, so there are other checks
that fail because a NULL is passed. A more general check for NULL params
has been added for both FFC public and private key validation instead.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 9ac82e2e7225759c21e712cba6dfe8da22ef7e47
https://github.com/openssl/openssl/commit/9ac82e2e7225759c21e712cba6dfe8da22ef7e47
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M providers/implementations/keymgmt/dh_kmgmt.c
M providers/implementations/keymgmt/dsa_kmgmt.c
Log Message:
-----------
Prevent creating DSA and DH keys without parameters through import
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Commit: 604247bf75571c1c3fb6a1723346c61acd957221
https://github.com/openssl/openssl/commit/604247bf75571c1c3fb6a1723346c61acd957221
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/x509/x_pubkey.c
M include/crypto/x509.h
M providers/implementations/encode_decode/decode_der2key.c
Log Message:
-----------
Do not create DSA keys without parameters by decoder
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Commit: adf77d6657e836fc87391fad53d857927a764297
https://github.com/openssl/openssl/commit/adf77d6657e836fc87391fad53d857927a764297
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/91-test_pkey_check.t
A test/recipes/91-test_pkey_check_data/dsapub.pem
A test/recipes/91-test_pkey_check_data/dsapub_noparam.der
Log Message:
-----------
Add test for DSA pubkey without param import and check
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
Commit: 7880536fe17c2b5450e279155bedd51771d28c9f
https://github.com/openssl/openssl/commit/7880536fe17c2b5450e279155bedd51771d28c9f
Author: Hugo Landau <hlandau at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/x509/v3_genn.c
M include/openssl/x509v3.h.in
M test/v3nametest.c
Log Message:
-----------
Fix GENERAL_NAME_cmp for x400Address (master)
CVE-2023-0286
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Commit: 6eebe6c0238178356114a96a7858f36b24172847
https://github.com/openssl/openssl/commit/6eebe6c0238178356114a96a7858f36b24172847
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
pk7_doit.c: Check return of BIO_set_md() calls
These calls invoke EVP_DigestInit() which can fail for digests
with implicit fetches. Subsequent EVP_DigestUpdate() from BIO_write()
or EVP_DigestFinal() from BIO_read() will segfault on NULL
dereference. This can be triggered by an attacker providing
PKCS7 data digested with MD4 for example if the legacy provider
is not loaded.
If BIO_set_md() fails the md BIO cannot be used.
CVE-2023-0401
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Commit: c47b6fe9e6c014df009c55221b6c08391c361ba6
https://github.com/openssl/openssl/commit/c47b6fe9e6c014df009c55221b6c08391c361ba6
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/80-test_cms.t
A test/recipes/80-test_cms_data/pkcs7-md4.pem
Log Message:
-----------
Add testcase for missing return check of BIO_set_md() calls
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Commit: 35da6af1f82e3d02338aabe28cab744a63728fd8
https://github.com/openssl/openssl/commit/35da6af1f82e3d02338aabe28cab744a63728fd8
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M crypto/pkcs7/pk7_smime.c
Log Message:
-----------
Support signedAndEnveloped content in PKCS7_decrypt()
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Commit: 1bb5ce7a3327335690a9f5c8a0b64a0b491a4bf5
https://github.com/openssl/openssl/commit/1bb5ce7a3327335690a9f5c8a0b64a0b491a4bf5
Author: Tomas Mraz <tomas at openssl.org>
Date: 2023-02-07 (Tue, 07 Feb 2023)
Changed paths:
M test/recipes/80-test_cms.t
A test/recipes/80-test_cms_data/pkcs7-md4-encrypted.pem
Log Message:
-----------
Additional testcase for missing return check of BIO_set_md() calls
This tests the handling of PKCS7 signedAndEnveloped type.
Reviewed-by: Paul Dale <pauli at openssl.org>
Reviewed-by: Richard Levitte <levitte at openssl.org>
Compare: https://github.com/openssl/openssl/compare/cded5d05253d...1bb5ce7a3327
More information about the openssl-commits
mailing list