* [Buildroot] [PATCH 1/1] package/libtomcrypt: add security patch for CVE-2019-17362
@ 2019-12-23 15:03 Thomas De Schampheleire
2019-12-23 19:54 ` Thomas Petazzoni
2019-12-25 21:44 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Thomas De Schampheleire @ 2019-12-23 15:03 UTC (permalink / raw)
To: buildroot
From: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
CVE-2019-17362:
"The der_decode_utf8_string function (in der_decode_utf8_string.c) does not
properly detect certain invalid UTF-8 sequences. This allows
context-dependent attackers to cause a denial of service (out-of-bounds read
and crash) or read information from other memory locations via carefully
crafted DER-encoded data."
Details:
https://github.com/libtom/libtomcrypt/issues/507
https://nvd.nist.gov/vuln/detail/CVE-2019-17362
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
---
.../libtomcrypt/0001-fix-CVE-2019-17362.patch | 29 +++++++++++++++++++
1 file changed, 29 insertions(+)
create mode 100644 package/libtomcrypt/0001-fix-CVE-2019-17362.patch
diff --git a/package/libtomcrypt/0001-fix-CVE-2019-17362.patch b/package/libtomcrypt/0001-fix-CVE-2019-17362.patch
new file mode 100644
index 0000000000..91e2145853
--- /dev/null
+++ b/package/libtomcrypt/0001-fix-CVE-2019-17362.patch
@@ -0,0 +1,29 @@
+From 25c26a3b7a9ad8192ccc923e15cf62bf0108ef94 Mon Sep 17 00:00:00 2001
+From: werew <werew@ret2libc.com>
+Date: Thu, 3 Oct 2019 19:57:10 +0200
+Subject: [PATCH] Fixes #507
+
+Fix a vulnerability in der_decode_utf8_string as specified here:
+https://github.com/libtom/libtomcrypt/issues/507
+
+[for import into Buildroot]
+Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
+
+
+---
+ src/pk/asn1/der/utf8/der_decode_utf8_string.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/pk/asn1/der/utf8/der_decode_utf8_string.c b/src/pk/asn1/der/utf8/der_decode_utf8_string.c
+index 94555b99f..d3ed82bea 100644
+--- a/src/pk/asn1/der/utf8/der_decode_utf8_string.c
++++ b/src/pk/asn1/der/utf8/der_decode_utf8_string.c
+@@ -65,7 +65,7 @@ int der_decode_utf8_string(const unsigned char *in, unsigned long inlen,
+ /* count number of bytes */
+ for (z = 0; (tmp & 0x80) && (z <= 4); z++, tmp = (tmp << 1) & 0xFF);
+
+- if (z > 4 || (x + (z - 1) > inlen)) {
++ if (z == 1 || z > 4 || (x + (z - 1) > inlen)) {
+ return CRYPT_INVALID_PACKET;
+ }
+
--
2.24.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/libtomcrypt: add security patch for CVE-2019-17362
2019-12-23 15:03 [Buildroot] [PATCH 1/1] package/libtomcrypt: add security patch for CVE-2019-17362 Thomas De Schampheleire
@ 2019-12-23 19:54 ` Thomas Petazzoni
2019-12-25 21:44 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni @ 2019-12-23 19:54 UTC (permalink / raw)
To: buildroot
On Mon, 23 Dec 2019 16:03:37 +0100
Thomas De Schampheleire <patrickdepinguin@gmail.com> wrote:
> From: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
>
> CVE-2019-17362:
> "The der_decode_utf8_string function (in der_decode_utf8_string.c) does not
> properly detect certain invalid UTF-8 sequences. This allows
> context-dependent attackers to cause a denial of service (out-of-bounds read
> and crash) or read information from other memory locations via carefully
> crafted DER-encoded data."
>
> Details:
> https://github.com/libtom/libtomcrypt/issues/507
> https://nvd.nist.gov/vuln/detail/CVE-2019-17362
>
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
> ---
> .../libtomcrypt/0001-fix-CVE-2019-17362.patch | 29 +++++++++++++++++++
> 1 file changed, 29 insertions(+)
> create mode 100644 package/libtomcrypt/0001-fix-CVE-2019-17362.patch
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH 1/1] package/libtomcrypt: add security patch for CVE-2019-17362
2019-12-23 15:03 [Buildroot] [PATCH 1/1] package/libtomcrypt: add security patch for CVE-2019-17362 Thomas De Schampheleire
2019-12-23 19:54 ` Thomas Petazzoni
@ 2019-12-25 21:44 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2019-12-25 21:44 UTC (permalink / raw)
To: buildroot
>>>>> "Thomas" == Thomas De Schampheleire <patrickdepinguin@gmail.com> writes:
> From: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
> CVE-2019-17362:
> "The der_decode_utf8_string function (in der_decode_utf8_string.c) does not
> properly detect certain invalid UTF-8 sequences. This allows
> context-dependent attackers to cause a denial of service (out-of-bounds read
> and crash) or read information from other memory locations via carefully
> crafted DER-encoded data."
> Details:
> https://github.com/libtom/libtomcrypt/issues/507
> https://nvd.nist.gov/vuln/detail/CVE-2019-17362
> Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Committed to 2019.02.x and 2019.11.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-25 21:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-12-23 15:03 [Buildroot] [PATCH 1/1] package/libtomcrypt: add security patch for CVE-2019-17362 Thomas De Schampheleire
2019-12-23 19:54 ` Thomas Petazzoni
2019-12-25 21:44 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox