[Midnightbsd-cvs] [MidnightBSD/src] 98c487: OpenSSL security fix

Lucas Holt noreply at github.com
Thu Feb 16 14:40:58 EST 2023


  Branch: refs/heads/stable/3.0
  Home:   https://github.com/MidnightBSD/src
  Commit: 98c487cf8da580c8a0a919f0ed91613c01f02849
      https://github.com/MidnightBSD/src/commit/98c487cf8da580c8a0a919f0ed91613c01f02849
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2023-02-16 (Thu, 16 Feb 2023)

  Changed paths:
    M crypto/openssl/crypto/asn1/bio_ndef.c
    M crypto/openssl/crypto/bn/bn_blind.c
    M crypto/openssl/crypto/bn/bn_err.c
    M crypto/openssl/crypto/bn/bn_local.h
    A crypto/openssl/crypto/bn/rsa_sup_mul.c
    M crypto/openssl/crypto/err/openssl.txt
    M crypto/openssl/crypto/pem/pem_lib.c
    M crypto/openssl/crypto/rsa/rsa_ossl.c
    M crypto/openssl/crypto/x509v3/v3_genn.c
    M crypto/openssl/include/crypto/bn.h
    M crypto/openssl/include/openssl/bnerr.h
    M crypto/openssl/include/openssl/x509v3.h
    M secure/lib/libcrypto/Makefile

  Log Message:
  -----------
  OpenSSL security fix

* X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)

There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but
the public structure definition for GENERAL_NAME incorrectly specified the type
of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by
the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an
ASN1_STRING.

* Timing Oracle in RSA Decryption (CVE-2022-4304)

A timing based side channel exists in the OpenSSL RSA Decryption
implementation.

* Use-after-free following BIO_new_NDEF (CVE-2023-0215)

The public API function BIO_new_NDEF is a helper function used for streaming
ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support
the SMIME, CMS and PKCS7 streaming capabilities, but may also be called
directly by end user applications.

The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter
BIO onto the front of it to form a BIO chain, and then returns the new head
of the BIO chain to the caller. Under certain conditions, for example if a
CMS recipient public key is invalid, the new filter BIO is freed and the
function returns a NULL result indicating a failure. However, in this case,
the BIO chain is not properly cleaned up and the BIO passed by the caller
still retains internal pointers to the previously freed filter BIO.

* Double free after calling PEM_read_bio_ex (CVE-2022-4450)

The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
data.  If the function succeeds then the "name_out", "header" and "data"
arguments are populated with pointers to buffers containing the relevant
decoded data. The caller is responsible for freeing those buffers. It is
possible to construct a PEM file that results in 0 bytes of payload data. In
this case PEM_read_bio_ex() will return a failure code but will populate the
header argument with a pointer to a buffer that has already been freed.

Obtained from: FreeBSD, OpenSSL
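
The out-parameter contract described for PEM_read_bio_ex() above, as an added example that is not part of the commit and is not OpenSSL or MidnightBSD code: a simplified model showing the flawed shape (a freed buffer left in an out-parameter on the failure path) beside a hardened one. The record format, `read_record_flawed`, `read_record_safe` and `payload_len` are hypothetical names constructed for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified model, not OpenSSL code. Record format (constructed for this
 * example): "NAME:HEADER:PAYLOAD". The caller owns and frees the out buffers. */
static char *dup_n(const char *s, size_t n) {
    char *p = malloc(n + 1);
    if (p == NULL) abort();          /* keep the model free of OOM paths */
    memcpy(p, s, n);
    p[n] = '\0';
    return p;
}

/* Flawed shape: out-params are written before validation. On an empty
 * payload the buffers are freed, but *header keeps the stale address, so a
 * caller that cleans up after the failure frees it a second time. */
int read_record_flawed(const char *in, char **name, char **header, char **data) {
    const char *a = strchr(in, ':');
    const char *b = a ? strchr(a + 1, ':') : NULL;
    if (b == NULL) return 0;
    *name = dup_n(in, (size_t)(a - in));
    *header = dup_n(a + 1, (size_t)(b - a - 1));
    if (b[1] == '\0') {              /* 0 bytes of payload */
        free(*name);
        *name = NULL;
        free(*header);               /* BUG: *header is left dangling */
        return 0;
    }
    *data = dup_n(b + 1, strlen(b + 1));
    return 1;
}

/* Hardened shape: clear every out-param first and validate before allocating,
 * so a failure always leaves NULLs and an unconditional free() is safe. */
int read_record_safe(const char *in, char **name, char **header, char **data) {
    const char *a = strchr(in, ':');
    const char *b = a ? strchr(a + 1, ':') : NULL;
    *name = *header = *data = NULL;
    if (b == NULL || b[1] == '\0') return 0;   /* malformed or empty payload */
    *name = dup_n(in, (size_t)(a - in));
    *header = dup_n(a + 1, (size_t)(b - a - 1));
    *data = dup_n(b + 1, strlen(b + 1));
    return 1;
}

/* Caller that cleans up unconditionally; returns payload length or -1. */
long payload_len(const char *in) {
    char *n, *h, *d;
    long len = read_record_safe(in, &n, &h, &d) ? (long)strlen(d) : -1;
    free(n); free(h); free(d);
    return len;
}
```

A caller that must work against the flawed contract should free the out buffers only when the call reports success.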
