From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 03/31] openssl: CVE-2022-3358 Using a Custom Cipher with NID_undef may lead to NULL encryption
Date: Thu, 3 Nov 2022 17:00:38 -1000 [thread overview]
Message-ID: <0575f1d03e640a989b4e75b3ef18944de383187f.1667530733.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1667530733.git.steve@sakoman.com>
From: Hitendra Prajapati <hprajapati@mvista.com>
Upstream-Status: Backport from https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b]
Description:
CVE-2022-3358 openssl: Using a Custom Cipher with NID_undef may lead to NULL encryption.
Affects "openssl < 3.0.6"
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit f98b2273c6f03f8f6029a7a409600ce290817e27)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 08b32d2b35c2ba63774d098af467d1c723b1b6e6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../openssl/openssl/CVE-2022-3358.patch | 55 +++++++++++++++++++
.../openssl/openssl_3.0.5.bb | 1 +
2 files changed, 56 insertions(+)
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2022-3358.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2022-3358.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2022-3358.patch
new file mode 100644
index 0000000000..18b2a5a6b2
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2022-3358.patch
@@ -0,0 +1,55 @@
+From 56e1d693f0ec5550a8e3dd52d30e57a02f0287af Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Wed, 19 Oct 2022 11:08:23 +0530
+Subject: [PATCH] CVE-2022-3358
+
+Upstream-Status: Backport [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b]
+CVE : CVE-2022-3358
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ crypto/evp/digest.c | 4 +++-
+ crypto/evp/evp_enc.c | 6 ++++--
+ 2 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
+index de9a1dc..e6e03ea 100644
+--- a/crypto/evp/digest.c
++++ b/crypto/evp/digest.c
+@@ -225,7 +225,9 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
+ || tmpimpl != NULL
+ #endif
+ || (ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) != 0
+- || type->origin == EVP_ORIG_METH) {
++ || (type != NULL && type->origin == EVP_ORIG_METH)
++ || (type == NULL && ctx->digest != NULL
++ && ctx->digest->origin == EVP_ORIG_METH)) {
+ if (ctx->digest == ctx->fetched_digest)
+ ctx->digest = NULL;
+ EVP_MD_free(ctx->fetched_digest);
+diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
+index 19a07de..5df08bd 100644
+--- a/crypto/evp/evp_enc.c
++++ b/crypto/evp/evp_enc.c
+@@ -131,7 +131,10 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
+ #if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODULE)
+ || tmpimpl != NULL
+ #endif
+- || impl != NULL) {
++ || impl != NULL
++ || (cipher != NULL && cipher->origin == EVP_ORIG_METH)
++ || (cipher == NULL && ctx->cipher != NULL
++ && ctx->cipher->origin == EVP_ORIG_METH)) {
+ if (ctx->cipher == ctx->fetched_cipher)
+ ctx->cipher = NULL;
+ EVP_CIPHER_free(ctx->fetched_cipher);
+@@ -147,7 +150,6 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
+ ctx->cipher_data = NULL;
+ }
+
+-
+ /* Start of non-legacy code below */
+
+ /* Ensure a context left lying around from last time is cleared */
+--
+2.25.1
+
diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.5.bb b/meta/recipes-connectivity/openssl/openssl_3.0.5.bb
index e50ff7f8c5..ee051ee7d4 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.5.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.5.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
file://afalg.patch \
file://0001-Configure-do-not-tweak-mips-cflags.patch \
+ file://CVE-2022-3358.patch \
"
SRC_URI:append:class-nativesdk = " \
--
2.25.1
next prev parent reply other threads:[~2022-11-04 3:01 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-04 3:00 [OE-core][kirkstone 00/31] Patch review Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 01/31] openssl: export necessary env vars in SDK Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 02/31] openssl: Fix SSL_CERT_FILE to match ca-certs location Steve Sakoman
2022-11-04 3:00 ` Steve Sakoman [this message]
2022-11-04 3:00 ` [OE-core][kirkstone 04/31] openssl: Upgrade 3.0.5 -> 3.0.7 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 05/31] lighttpd: fix CVE-2022-41556 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 06/31] tiff: fix CVE-2022-2953 Steve Sakoman
2022-11-07 9:10 ` Shubham Kulkarni
2022-11-07 14:19 ` Steve Sakoman
2022-11-09 10:27 ` Shubham Kulkarni
2022-11-04 3:00 ` [OE-core][kirkstone 07/31] expat: backport the fix for CVE-2022-43680 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 08/31] wayland: fix CVE-2021-3782 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 09/31] cve-update-db-native: add timeout to urlopen() calls Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 10/31] vim: Upgrade 9.0.0598 -> 9.0.0614 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 11/31] vim: upgrade 9.0.0614 -> 9.0.0820 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 12/31] ifupdown: upgrade 0.8.37 -> 0.8.39 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 13/31] scripts/oe-check-sstate: cleanup Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 14/31] scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 15/31] psplash: add psplash-default in rdepends Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 16/31] opkg-utils: use a git clone, not a dynamic snapshot Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 17/31] insane.bbclass: Allow hashlib version that only accepts on parameter Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 18/31] oe/packagemanager/rpm: don't leak file objects Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 19/31] u-boot: Remove duplicate inherit of cml1 Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 20/31] bluez5: add dbus to RDEPENDS Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 21/31] glib-2.0: fix rare GFileInfo test case failure Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 22/31] gnutls: Unified package names to lower-case Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 23/31] meson: make wrapper options sub-command specific Steve Sakoman
2022-11-04 3:00 ` [OE-core][kirkstone 24/31] buildtools-tarball: export certificates to python and curl Steve Sakoman
2022-11-04 3:01 ` [OE-core][kirkstone 25/31] qemu-native: Add PACKAGECONFIG option for jack Steve Sakoman
2022-11-04 3:01 ` [OE-core][kirkstone 26/31] runqemu: Do not perturb script environment Steve Sakoman
2022-11-04 3:01 ` [OE-core][kirkstone 27/31] runqemu: Fix gl-es argument from causing other arguments to be ignored Steve Sakoman
2022-11-04 3:01 ` [OE-core][kirkstone 28/31] overlayfs: Allow not used mount points Steve Sakoman
2022-11-04 3:01 ` [OE-core][kirkstone 29/31] cmake-native: Fix host tool contamination (Bug: 14951) Steve Sakoman
2022-11-04 3:01 ` [OE-core][kirkstone 30/31] ltp: backport clock_gettime04 fix from upstream Steve Sakoman
2022-11-04 3:01 ` [OE-core][kirkstone 31/31] perf: Depend on native setuptools3 Steve Sakoman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0575f1d03e640a989b4e75b3ef18944de383187f.1667530733.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox