From: hsimeliere.opensource@witekio.com
To: openembedded-core@lists.openembedded.org
Cc: "Hugo SIMELIERE (Schneider Electric)"
<hsimeliere.opensource@witekio.com>,
Bruno VERNAY <bruno.vernay@se.com>
Subject: [OE-core][scarthgap][PATCH 7/7] gnutls: Fix CVE-2026-5260
Date: Wed, 20 May 2026 10:14:03 +0200 [thread overview]
Message-ID: <20260520081403.3052797-7-hsimeliere.opensource@witekio.com> (raw)
In-Reply-To: <20260520081403.3052797-1-hsimeliere.opensource@witekio.com>
From: "Hugo SIMELIERE (Schneider Electric)" <hsimeliere.opensource@witekio.com>
Pick patches from [1] and [2] as mentioned in Debian report in [3].
[1] https://gitlab.com/gnutls/gnutls/-/commit/77228f2d1ac207d2f894e5a168fbb47e5378e42f
[2] https://gitlab.com/gnutls/gnutls/-/commit/cf6bdc5e4df49e5583d3fb4d2296779785f10683
[3] https://security-tracker.debian.org/tracker/CVE-2026-5260
Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
Reviewed-by: Bruno VERNAY <bruno.vernay@se.com>
---
.../gnutls/gnutls/CVE-2026-5260-1.patch | 78 +++++++++++++++++++
.../gnutls/gnutls/CVE-2026-5260-2.patch | 40 ++++++++++
meta/recipes-support/gnutls/gnutls_3.8.4.bb | 2 +
3 files changed, 120 insertions(+)
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2026-5260-1.patch
create mode 100644 meta/recipes-support/gnutls/gnutls/CVE-2026-5260-2.patch
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2026-5260-1.patch b/meta/recipes-support/gnutls/gnutls/CVE-2026-5260-1.patch
new file mode 100644
index 0000000000..060440e8b7
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2026-5260-1.patch
@@ -0,0 +1,78 @@
+From a39a21031f9e56d31747b060f83fb49d1a77f0c5 Mon Sep 17 00:00:00 2001
+From: Alexander Sosedkin <asosedkin@redhat.com>
+Date: Mon, 30 Mar 2026 17:31:07 +0200
+Subject: [PATCH 1/2] lib/auth/rsa: check that ciphertext matches the modulus
+ size
+
+A client sending extremely short premaster secret as part of an
+RSA key exchange could've theoretically triggered a short heap overread
+to nowhere when the RSA key was backed with a PKCS#11 token.
+With this fix, the internal decryption function will not be called
+with an mismatching plaintext length specified, avoiding the overread.
+
+Reported-by: Joshua Rogers of AISLE Research Team <joshua@joshua.hu>
+Fixes: #1814
+Fixes: CVE-2026-5260
+Fixes: GNUTLS-SA-2026-04-29-10
+CVSS: 5.9 Medium CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
+
+CVE: CVE-2026-5260
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/77228f2d1ac207d2f894e5a168fbb47e5378e42f]
+
+Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
+(cherry picked from commit 77228f2d1ac207d2f894e5a168fbb47e5378e42f)
+Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
+---
+ lib/auth/rsa.c | 5 +++++
+ lib/auth/rsa_psk.c | 5 +++++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c
+index b5ecc092f..24c1649be 100644
+--- a/lib/auth/rsa.c
++++ b/lib/auth/rsa.c
+@@ -158,6 +158,7 @@ static int proc_rsa_client_kx(gnutls_session_t session, uint8_t *data,
+ int ret, dsize;
+ ssize_t data_size = _data_size;
+ volatile uint8_t ver_maj, ver_min;
++ unsigned int key_bits;
+
+ #ifdef ENABLE_SSL3
+ if (get_num_version(session) == GNUTLS_SSL3) {
+@@ -180,6 +181,10 @@ static int proc_rsa_client_kx(gnutls_session_t session, uint8_t *data,
+ }
+ ciphertext.size = dsize;
+ }
++ gnutls_privkey_get_pk_algorithm(session->internals.selected_key,
++ &key_bits);
++ if (ciphertext.size != (key_bits + 7) / 8)
++ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+ ver_maj = _gnutls_get_adv_version_major(session);
+ ver_min = _gnutls_get_adv_version_minor(session);
+diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c
+index a14de467a..a1da1b320 100644
+--- a/lib/auth/rsa_psk.c
++++ b/lib/auth/rsa_psk.c
+@@ -257,6 +257,7 @@ static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session,
+ ssize_t data_size = _data_size;
+ gnutls_psk_server_credentials_t cred;
+ volatile uint8_t ver_maj, ver_min;
++ unsigned int rsa_key_bits;
+
+ cred = (gnutls_psk_server_credentials_t)_gnutls_get_cred(
+ session, GNUTLS_CRD_PSK);
+@@ -313,6 +314,10 @@ static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session,
+ return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+ }
+ ciphertext.size = dsize;
++ gnutls_privkey_get_pk_algorithm(session->internals.selected_key,
++ &rsa_key_bits);
++ if (ciphertext.size != (rsa_key_bits + 7) / 8)
++ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+ ver_maj = _gnutls_get_adv_version_major(session);
+ ver_min = _gnutls_get_adv_version_minor(session);
+--
+2.43.0
+
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2026-5260-2.patch b/meta/recipes-support/gnutls/gnutls/CVE-2026-5260-2.patch
new file mode 100644
index 0000000000..32181e45da
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2026-5260-2.patch
@@ -0,0 +1,40 @@
+From 9b58b5237713d2189192aa8591b337787ee2edff Mon Sep 17 00:00:00 2001
+From: Alexander Sosedkin <asosedkin@redhat.com>
+Date: Mon, 30 Mar 2026 17:46:40 +0200
+Subject: [PATCH 2/2] lib/pkcs11_privkey: guard against overreading on short
+ ciphertexts
+
+This is an alternative fix for the callee side.
+
+Reported-by: Joshua Rogers of AISLE Research Team <joshua@joshua.hu>
+Fixes: #1814
+Fixes: CVE-2026-5260
+Fixes: GNUTLS-SA-2026-04-29-10
+CVSS: 5.9 Medium CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
+
+CVE: CVE-2026-5260
+Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/cf6bdc5e4df49e5583d3fb4d2296779785f10683]
+
+Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
+(cherry picked from commit cf6bdc5e4df49e5583d3fb4d2296779785f10683)
+Signed-off-by: Hugo SIMELIERE (Schneider Electric) <hsimeliere.opensource@witekio.com>
+---
+ lib/pkcs11_privkey.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
+index 5093a6d56..369b034a6 100644
+--- a/lib/pkcs11_privkey.c
++++ b/lib/pkcs11_privkey.c
+@@ -826,7 +826,7 @@ int _gnutls_pkcs11_privkey_decrypt_data2(gnutls_pkcs11_privkey_t key,
+ if (ret != 0)
+ return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
+- buffer = gnutls_malloc(siglen);
++ buffer = gnutls_malloc(MAX((size_t)siglen, plaintext_size));
+ if (!buffer) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+--
+2.43.0
+
diff --git a/meta/recipes-support/gnutls/gnutls_3.8.4.bb b/meta/recipes-support/gnutls/gnutls_3.8.4.bb
index 0b3abb827c..a4a6a5fe21 100644
--- a/meta/recipes-support/gnutls/gnutls_3.8.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.8.4.bb
@@ -51,6 +51,8 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
file://CVE-2026-42015.patch \
file://CVE-2026-42014.patch \
file://CVE-2026-42010.patch \
+ file://CVE-2026-5260-1.patch \
+ file://CVE-2026-5260-2.patch \
"
SRC_URI[sha256sum] = "2bea4e154794f3f00180fa2a5c51fe8b005ac7a31cd58bd44cdfa7f36ebc3a9b"
--
2.43.0
next prev parent reply other threads:[~2026-05-20 8:15 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-20 8:13 [OE-core][scarthgap][PATCH 1/7] gnutls: Fix CVE-2026-33846 hsimeliere.opensource
2026-05-20 8:13 ` [OE-core][scarthgap][PATCH 2/7] gnutls: Fix CVE-2026-33845 hsimeliere.opensource
2026-05-20 8:13 ` [OE-core][scarthgap][PATCH 3/7] gnutls: Fix CVE-2026-3833 hsimeliere.opensource
2026-05-20 8:14 ` [OE-core][scarthgap][PATCH 4/7] gnutls: Fix CVE-2026-42015 hsimeliere.opensource
2026-05-20 8:14 ` [OE-core][scarthgap][PATCH 5/7] gnutls: Fix CVE-2026-42014 hsimeliere.opensource
2026-05-20 8:14 ` [OE-core][scarthgap][PATCH 6/7] gnutls: Fix CVE-2026-42010 hsimeliere.opensource
2026-05-20 8:14 ` hsimeliere.opensource [this message]
2026-06-04 8:57 ` [OE-core][scarthgap][PATCH 1/7] gnutls: Fix CVE-2026-33846 Yoann Congal
2026-06-04 20:10 ` Yoann Congal
2026-07-06 10:48 ` Yoann Congal
2026-06-05 8:45 ` Yoann Congal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260520081403.3052797-7-hsimeliere.opensource@witekio.com \
--to=hsimeliere.opensource@witekio.com \
--cc=bruno.vernay@se.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox