Openembedded Core Discussions
* [PATCH v4][morty] openssl: CVE: CVE-2017-3731
@ 2017-02-07 11:06 Alexandru Moise
  2017-02-07 11:30 ` ✗ patchtest: failure for openssl: CVE: CVE-2017-3731 (rev2) Patchwork
  0 siblings, 1 reply; 2+ messages in thread
From: Alexandru Moise @ 2017-02-07 11:06 UTC (permalink / raw)
  To: openembedded-core

If an SSL/TLS server or client is running on a 32-bit host, and a
specific cipher is being used, then a truncated packet can cause that
server or client to perform an out-of-bounds read, usually resulting
in a crash.

Backported from:
https://github.com/openssl/openssl/commit/8e20499629b6bcf868d0072c7011e590b5c2294d
https://github.com/openssl/openssl/commit/2198b3a55de681e1f3c23edb0586afe13f438051

* CVE: CVE-2017-3731

Upstream-status: Backport

Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
---
 .../openssl/openssl/0001-CVE-2017-3731.patch       | 46 +++++++++++++++++++
 .../openssl/openssl/0002-CVE-2017-3731.patch       | 53 ++++++++++++++++++++++
 .../recipes-connectivity/openssl/openssl_1.0.2j.bb |  2 +
 3 files changed, 101 insertions(+)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch

diff --git a/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch b/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch
new file mode 100644
index 0000000..b378c5e
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch
@@ -0,0 +1,46 @@
+From 0cde9a9645c949fd0acf657dadc747676245cfaf Mon Sep 17 00:00:00 2001
+From: Alexandru Moise <alexandru.moise@windriver.com>
+Date: Tue, 7 Feb 2017 11:13:19 +0200
+Subject: [PATCH 1/2] crypto/evp: harden RC4_MD5 cipher.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Originally a crash in 32-bit build was reported CHACHA20-POLY1305
+cipher. The crash is triggered by truncated packet and is result
+of excessive hashing to the edge of accessible memory (or bogus
+MAC value is produced if x86 MD5 assembly module is involved). Since
+hash operation is read-only it is not considered to be exploitable
+beyond a DoS condition.
+
+Thanks to Robert Święcki for report.
+
+CVE-2017-3731
+
+Backported from upstream commit:
+8e20499629b6bcf868d0072c7011e590b5c2294d
+
+Upstream-status: Backport
+
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
+---
+ crypto/evp/e_rc4_hmac_md5.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
+index 5e92855..3293419 100644
+--- a/crypto/evp/e_rc4_hmac_md5.c
++++ b/crypto/evp/e_rc4_hmac_md5.c
+@@ -269,6 +269,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+             len = p[arg - 2] << 8 | p[arg - 1];
+ 
+             if (!ctx->encrypt) {
++		if (len < MD5_DIGEST_LENGTH)
++                    return -1;
+                 len -= MD5_DIGEST_LENGTH;
+                 p[arg - 2] = len >> 8;
+                 p[arg - 1] = len;
+-- 
+2.10.2
+
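Review bot: The header of this added patch file spells its tag "Upstream-status: Backport", and the patchtest reply in this thread reports Upstream-Status as missing for 0001-CVE-2017-3731.patch; the lowercase "s" is the likely cause, so write it as "Upstream-Status: Backport". In the code hunk, the added "if (len < MD5_DIGEST_LENGTH)" line is indented with a tab while the surrounding context uses spaces; matching the file's whitespace keeps the backport easy to compare against upstream commit 8e20499629b6bcf868d0072c7011e590b5c2294d. The message body still describes the CHACHA20-POLY1305 report although the change is in e_rc4_hmac_md5.c, so one sentence on why RC4-MD5 needs the same lower-bound check would help a later reader.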
diff --git a/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch b/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch
new file mode 100644
index 0000000..990cbfd
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch
@@ -0,0 +1,53 @@
+From 6427f1accc54b515bb899370f1a662bfcb1caa52 Mon Sep 17 00:00:00 2001
+From: Alexandru Moise <alexandru.moise@windriver.com>
+Date: Tue, 7 Feb 2017 11:16:13 +0200
+Subject: [PATCH 2/2] crypto/evp: harden AEAD ciphers.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Originally a crash in 32-bit build was reported CHACHA20-POLY1305
+cipher. The crash is triggered by truncated packet and is result
+of excessive hashing to the edge of accessible memory. Since hash
+operation is read-only it is not considered to be exploitable
+beyond a DoS condition. Other ciphers were hardened.
+
+Thanks to Robert Święcki for report.
+
+CVE-2017-3731
+
+Backported from upstream commit:
+2198b3a55de681e1f3c23edb0586afe13f438051
+
+Upstream-status: Backport
+
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
+---
+ crypto/evp/e_aes.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
+index 1734a82..16dcd10 100644
+--- a/crypto/evp/e_aes.c
++++ b/crypto/evp/e_aes.c
+@@ -1235,10 +1235,15 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+         {
+             unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
+             /* Correct length for explicit IV */
++	    if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
++	        return 0;
+             len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+             /* If decrypting correct for tag too */
+-            if (!c->encrypt)
++            if (!c->encrypt) {
++		if (len < EVP_GCM_TLS_TAG_LEN)
++		    return 0;
+                 len -= EVP_GCM_TLS_TAG_LEN;
++	    }
+             c->buf[arg - 2] = len >> 8;
+             c->buf[arg - 1] = len & 0xff;
+         }
+-- 
+2.10.2
+
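Review bot: The message in this patch file says "Other ciphers were hardened" and refers to CHACHA20-POLY1305, but the diffstat lists only crypto/evp/e_aes.c and the hunk touches only aes_gcm_ctrl; say which parts of upstream commit 2198b3a55de681e1f3c23edb0586afe13f438051 were left out of the backport and why, so the fix can be judged complete. The header has the same "Upstream-status" spelling as 0001 and should read "Upstream-Status: Backport". The added lines are tab-indented inside space-indented context, and the error return here is 0 where 0001 returns -1; a short note confirming that each value matches its ctrl function's error convention would settle that.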
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
index f2aca36..9a7cded 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
@@ -41,6 +41,8 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
             file://parallel.patch \
             file://openssl-util-perlpath.pl-cwd.patch \
             file://CVE-2016-7055.patch \
+            file://0001-CVE-2017-3731.patch \
+            file://0002-CVE-2017-3731.patch \
            "
 SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b"
 SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"
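Review bot: The two new SRC_URI entries keep git format-patch numbering (0001-CVE-2017-3731.patch, 0002-CVE-2017-3731.patch) whereas the neighbouring entry is CVE-2016-7055.patch; file names that say what each patch hardens (RC4-MD5 and AES-GCM) would read better in the recipe and make it obvious that both are needed for CVE-2017-3731.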
-- 
2.10.2
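
The length arithmetic that the backported checks guard, as an added example that is not part of the original message and is not OpenSSL code. The function names and the sample record lengths are constructed for illustration; the constant values are those of the OpenSSL macros named in the patch.

```c
#include <stdint.h>
#include <stdio.h>

#define AAD_LEN         13  /* TLS AAD: seq(8) type(1) version(2) length(2) */
#define EXPLICIT_IV_LEN  8  /* value of EVP_GCM_TLS_EXPLICIT_IV_LEN */
#define TAG_LEN         16  /* value of EVP_GCM_TLS_TAG_LEN */

/* Hypothetical helper: build a constructed AAD carrying record_len. */
static void make_aad(uint8_t aad[AAD_LEN], unsigned int record_len)
{
    for (int i = 0; i < AAD_LEN; i++)
        aad[i] = 0;
    aad[AAD_LEN - 2] = (uint8_t)(record_len >> 8);
    aad[AAD_LEN - 1] = (uint8_t)(record_len & 0xff);
}

/* Pre-patch decrypt path: no lower bound, so a short record makes the
 * unsigned subtraction wrap around to a very large length. */
static unsigned int adjust_unchecked(const uint8_t aad[AAD_LEN])
{
    unsigned int len = (unsigned int)aad[AAD_LEN - 2] << 8 | aad[AAD_LEN - 1];
    len -= EXPLICIT_IV_LEN;
    len -= TAG_LEN;
    return len;
}

/* Patched decrypt path: returns 1 and stores the payload length, or 0 when
 * the record cannot hold the explicit IV plus the tag. */
static int adjust_checked(uint8_t aad[AAD_LEN], unsigned int *payload_len)
{
    unsigned int len = (unsigned int)aad[AAD_LEN - 2] << 8 | aad[AAD_LEN - 1];
    if (len < EXPLICIT_IV_LEN)
        return 0;
    len -= EXPLICIT_IV_LEN;
    if (len < TAG_LEN)
        return 0;
    len -= TAG_LEN;
    aad[AAD_LEN - 2] = (uint8_t)(len >> 8);
    aad[AAD_LEN - 1] = (uint8_t)(len & 0xff);
    *payload_len = len;
    return 1;
}

int main(void)
{
    const unsigned int samples[] = { 40, 24, 23, 5 };  /* constructed lengths */
    for (size_t i = 0; i < 4; i++) {
        uint8_t aad[AAD_LEN];
        unsigned int out = 0;
        make_aad(aad, samples[i]);
        unsigned int raw = adjust_unchecked(aad);
        int ok = adjust_checked(aad, &out);
        printf("record=%u unchecked=%u checked=%s\n", samples[i], raw, ok ? "accepted" : "rejected");
    }
    return 0;
}
```
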




* ✗ patchtest: failure for openssl: CVE: CVE-2017-3731 (rev2)
  2017-02-07 11:06 [PATCH v4][morty] openssl: CVE: CVE-2017-3731 Alexandru Moise
@ 2017-02-07 11:30 ` Patchwork
  0 siblings, 0 replies; 2+ messages in thread
From: Patchwork @ 2017-02-07 11:30 UTC (permalink / raw)
  To: Alexandru Moise; +Cc: openembedded-core

== Series Details ==

Series: openssl: CVE: CVE-2017-3731 (rev2)
Revision: 2
URL   : https://patchwork.openembedded.org/series/5182/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue             Added patch file is missing Upstream-Status in the header [test_upstream_status_presence] 
  Suggested fix    Add Upstream-Status: <status> to the header of meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch (possible values: Pending, Submitted, Accepted, Backport, Denied, Inappropriate)



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite:     http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe



