* [PATCH] openssl: fix for CVE-2015-1794
@ 2015-12-09 2:03 Fan Xin
2015-12-09 11:52 ` Burton, Ross
0 siblings, 1 reply; 5+ messages in thread
From: Fan Xin @ 2015-12-09 2:03 UTC (permalink / raw)
To: openembedded-core; +Cc: Fan Xin
This patch was imported from
https://git.openssl.org/?p=openssl.git;a=commit;h=ada57746b6b80beae73111fe1291bf8dd89af91c
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
---
.../Fix-seg-fault-with-0-p-val-in-SKE.patch | 101 +++++++++++++++++++++
.../recipes-connectivity/openssl/openssl_1.0.2d.bb | 1 +
2 files changed, 102 insertions(+)
create mode 100644 meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch b/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
new file mode 100644
index 0000000..4776807
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
@@ -0,0 +1,101 @@
+Upstream-Status: Backport
+
+From ada57746b6b80beae73111fe1291bf8dd89af91c Mon Sep 17 00:00:00 2001
+From: Guy Leaver (guleaver) <guleaver@cisco.com>
+Date: Fri, 7 Aug 2015 15:45:21 +0100
+Subject: [PATCH] Fix seg fault with 0 p val in SKE
+
+If a client receives a ServerKeyExchange for an anon DH ciphersuite with the
+value of p set to 0 then a seg fault can occur. This commits adds a test to
+reject p, g and pub key parameters that have a 0 value (in accordance with
+RFC 5246)
+
+The security vulnerability only affects master and 1.0.2, but the fix is
+additionally applied to 1.0.1 for additional confidence.
+
+CVE-2015-1794
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+---
+ ssl/s3_clnt.c | 16 ++++++++++++++++
+ ssl/ssl.h | 3 +++
+ ssl/ssl_err.c | 3 +++
+ 3 files changed, 22 insertions(+), 0 deletions(-)
+
+diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
+index 6af145a..2059151 100644
+--- a/ssl/s3_clnt.c
++++ b/ssl/s3_clnt.c
+@@ -1699,6 +1699,12 @@ int ssl3_get_key_exchange(SSL *s)
+ }
+ p += i;
+
++ if (BN_is_zero(dh->p)) {
++ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
++ goto f_err;
++ }
++
++
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -1719,6 +1725,11 @@ int ssl3_get_key_exchange(SSL *s)
+ }
+ p += i;
+
++ if (BN_is_zero(dh->g)) {
++ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
++ goto f_err;
++ }
++
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -1740,6 +1751,11 @@ int ssl3_get_key_exchange(SSL *s)
+ p += i;
+ n -= param_len;
+
++ if (BN_is_zero(dh->pub_key)) {
++ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_VALUE);
++ goto f_err;
++ }
++
+ # ifndef OPENSSL_NO_RSA
+ if (alg_a & SSL_aRSA)
+ pkey =
+diff --git a/ssl/ssl.h b/ssl/ssl.h
+index 6fe1a24..c6c5bce 100644
+--- a/ssl/ssl.h
++++ b/ssl/ssl.h
+@@ -2846,8 +2846,11 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+ # define SSL_R_BAD_DECOMPRESSION 107
+ # define SSL_R_BAD_DH_G_LENGTH 108
++# define SSL_R_BAD_DH_G_VALUE 375
+ # define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
++# define SSL_R_BAD_DH_PUB_KEY_VALUE 393
+ # define SSL_R_BAD_DH_P_LENGTH 110
++# define SSL_R_BAD_DH_P_VALUE 395
+ # define SSL_R_BAD_DIGEST_LENGTH 111
+ # define SSL_R_BAD_DSA_SIGNATURE 112
+ # define SSL_R_BAD_ECC_CERT 304
+diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
+index 1a6030e..202228b 100644
+--- a/ssl/ssl_err.c
++++ b/ssl/ssl_err.c
+@@ -386,8 +386,11 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ "bad data returned by callback"},
+ {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
+ {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
++ {ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
+ {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
++ {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
+ {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
++ {ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
+ {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
+ {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
+ {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
+--
+1.7.0.4
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
index 249f8c4..c5a2a65 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
@@ -37,6 +37,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
file://crypto_use_bigint_in_x86-64_perl.patch \
file://openssl-1.0.2a-x32-asm.patch \
file://ptest_makefile_deps.patch \
+ file://Fix-seg-fault-with-0-p-val-in-SKE.patch \
"
SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a"
--
1.8.4.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] openssl: fix for CVE-2015-1794
2015-12-09 2:03 [PATCH] openssl: fix for CVE-2015-1794 Fan Xin
@ 2015-12-09 11:52 ` Burton, Ross
2015-12-09 13:33 ` Alexander Kanavin
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Burton, Ross @ 2015-12-09 11:52 UTC (permalink / raw)
To: Fan Xin; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 1138 bytes --]
On 9 December 2015 at 02:03, Fan Xin <fan.xin@jp.fujitsu.com> wrote:
> +++
> b/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
> @@ -0,0 +1,101 @@
> +Upstream-Status: Backport
> +
> +From ada57746b6b80beae73111fe1291bf8dd89af91c Mon Sep 17 00:00:00 2001
> +From: Guy Leaver (guleaver) <guleaver@cisco.com>
> +Date: Fri, 7 Aug 2015 15:45:21 +0100
> +Subject: [PATCH] Fix seg fault with 0 p val in SKE
> +
> +If a client receives a ServerKeyExchange for an anon DH ciphersuite with
> the
> +value of p set to 0 then a seg fault can occur. This commits adds a test
> to
> +reject p, g and pub key parameters that have a 0 value (in accordance with
> +RFC 5246)
> +
> +The security vulnerability only affects master and 1.0.2, but the fix is
> +additionally applied to 1.0.1 for additional confidence.
> +
> +CVE-2015-1794
> +
> +Reviewed-by: Richard Levitte <levitte@openssl.org>
> +Reviewed-by: Matt Caswell <matt@openssl.org>
>
This patch needs to have your (or whoever actually did the work)
signed-off-by inside the patch, alongside the Upstream-Status.
Thanks,
Ross
[-- Attachment #2: Type: text/html, Size: 1797 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] openssl: fix for CVE-2015-1794
2015-12-09 11:52 ` Burton, Ross
@ 2015-12-09 13:33 ` Alexander Kanavin
2015-12-10 2:58 ` Fan Xin
2015-12-11 7:24 ` [PATCH v2][jethro] " Fan Xin
2 siblings, 0 replies; 5+ messages in thread
From: Alexander Kanavin @ 2015-12-09 13:33 UTC (permalink / raw)
To: openembedded-core
On 12/09/2015 01:52 PM, Burton, Ross wrote:
> This patch needs to have your (or whoever actually did the work)
> signed-off-by inside the patch, alongside the Upstream-Status.
Also, it's been fixed in openssl 1.0.2e with a bunch of other CVEs -
I'll send an update for that shortly.
Generally, for oe-core master we always prefer an update to latest
upstream instead of adding backported patches.
Alex
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] openssl: fix for CVE-2015-1794
2015-12-09 11:52 ` Burton, Ross
2015-12-09 13:33 ` Alexander Kanavin
@ 2015-12-10 2:58 ` Fan Xin
2015-12-11 7:24 ` [PATCH v2][jethro] " Fan Xin
2 siblings, 0 replies; 5+ messages in thread
From: Fan Xin @ 2015-12-10 2:58 UTC (permalink / raw)
To: Burton, Ross; +Cc: OE-core
Thanks for your kindly check.
I will correct it in Patch v2.
Best Regards,
Fan
On 2015年12月09日 20:52, Burton, Ross wrote:
>
> On 9 December 2015 at 02:03, Fan Xin <fan.xin@jp.fujitsu.com
> <mailto:fan.xin@jp.fujitsu.com>> wrote:
>
> +++
> b/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
> @@ -0,0 +1,101 @@
> +Upstream-Status: Backport
> +
> +From ada57746b6b80beae73111fe1291bf8dd89af91c Mon Sep 17 00:00:00 2001
> +From: Guy Leaver (guleaver) <guleaver@cisco.com
> <mailto:guleaver@cisco.com>>
> +Date: Fri, 7 Aug 2015 15:45:21 +0100
> +Subject: [PATCH] Fix seg fault with 0 p val in SKE
> +
> +If a client receives a ServerKeyExchange for an anon DH ciphersuite
> with the
> +value of p set to 0 then a seg fault can occur. This commits adds a
> test to
> +reject p, g and pub key parameters that have a 0 value (in
> accordance with
> +RFC 5246)
> +
> +The security vulnerability only affects master and 1.0.2, but the
> fix is
> +additionally applied to 1.0.1 for additional confidence.
> +
> +CVE-2015-1794
> +
> +Reviewed-by: Richard Levitte <levitte@openssl.org
> <mailto:levitte@openssl.org>>
> +Reviewed-by: Matt Caswell <matt@openssl.org <mailto:matt@openssl.org>>
>
>
> This patch needs to have your (or whoever actually did the work)
> signed-off-by inside the patch, alongside the Upstream-Status.
>
> Thanks,
> Ross
--
=====================================================
株式会社富士通コンピュータテクノロジーズ
組込みシステム技術統括部 第一ファームウェア技術部
樊 昕 Fan Xin
fan.xin@jp.fujitsu.com
┏┓ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
┗■ 【ubinux V15】のリリースを開始しました!
「SDN(Open vSwitch)」や「クラウド管理(OpenStack Heat)」などに対応
---------------------------------------------------------------------
詳細>>http://elsc.utsfd.cs.fujitsu.co.jp/location_elsc.php?id=0024
※"ubinux"は組込み装置向け当社独自のLinuxディストリビューションです
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH v2][jethro] openssl: fix for CVE-2015-1794
2015-12-09 11:52 ` Burton, Ross
2015-12-09 13:33 ` Alexander Kanavin
2015-12-10 2:58 ` Fan Xin
@ 2015-12-11 7:24 ` Fan Xin
2 siblings, 0 replies; 5+ messages in thread
From: Fan Xin @ 2015-12-11 7:24 UTC (permalink / raw)
To: openembedded-core; +Cc: Fan Xin
This patch was imported from
https://git.openssl.org/?p=openssl.git;a=commit;h=ada57746b6b80beae73111fe1291bf8dd89af91c
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
---
.../Fix-seg-fault-with-0-p-val-in-SKE.patch | 103 +++++++++++++++++++++
.../recipes-connectivity/openssl/openssl_1.0.2d.bb | 1 +
2 files changed, 104 insertions(+)
create mode 100644 meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
diff --git a/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch b/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
new file mode 100644
index 0000000..e6715e5
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/Fix-seg-fault-with-0-p-val-in-SKE.patch
@@ -0,0 +1,103 @@
+Upstream-Status: Backport
+
+Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
+
+From ada57746b6b80beae73111fe1291bf8dd89af91c Mon Sep 17 00:00:00 2001
+From: Guy Leaver (guleaver) <guleaver@cisco.com>
+Date: Fri, 7 Aug 2015 15:45:21 +0100
+Subject: [PATCH] Fix seg fault with 0 p val in SKE
+
+If a client receives a ServerKeyExchange for an anon DH ciphersuite with the
+value of p set to 0 then a seg fault can occur. This commits adds a test to
+reject p, g and pub key parameters that have a 0 value (in accordance with
+RFC 5246)
+
+The security vulnerability only affects master and 1.0.2, but the fix is
+additionally applied to 1.0.1 for additional confidence.
+
+CVE-2015-1794
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+Reviewed-by: Matt Caswell <matt@openssl.org>
+---
+ ssl/s3_clnt.c | 16 ++++++++++++++++
+ ssl/ssl.h | 3 +++
+ ssl/ssl_err.c | 3 +++
+ 3 files changed, 22 insertions(+), 0 deletions(-)
+
+diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
+index 6af145a..2059151 100644
+--- a/ssl/s3_clnt.c
++++ b/ssl/s3_clnt.c
+@@ -1699,6 +1699,12 @@ int ssl3_get_key_exchange(SSL *s)
+ }
+ p += i;
+
++ if (BN_is_zero(dh->p)) {
++ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_P_VALUE);
++ goto f_err;
++ }
++
++
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -1719,6 +1725,11 @@ int ssl3_get_key_exchange(SSL *s)
+ }
+ p += i;
+
++ if (BN_is_zero(dh->g)) {
++ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_G_VALUE);
++ goto f_err;
++ }
++
+ if (2 > n - param_len) {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+@@ -1740,6 +1751,11 @@ int ssl3_get_key_exchange(SSL *s)
+ p += i;
+ n -= param_len;
+
++ if (BN_is_zero(dh->pub_key)) {
++ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_BAD_DH_PUB_KEY_VALUE);
++ goto f_err;
++ }
++
+ # ifndef OPENSSL_NO_RSA
+ if (alg_a & SSL_aRSA)
+ pkey =
+diff --git a/ssl/ssl.h b/ssl/ssl.h
+index 6fe1a24..c6c5bce 100644
+--- a/ssl/ssl.h
++++ b/ssl/ssl.h
+@@ -2846,8 +2846,11 @@ void ERR_load_SSL_strings(void);
+ # define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+ # define SSL_R_BAD_DECOMPRESSION 107
+ # define SSL_R_BAD_DH_G_LENGTH 108
++# define SSL_R_BAD_DH_G_VALUE 375
+ # define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
++# define SSL_R_BAD_DH_PUB_KEY_VALUE 393
+ # define SSL_R_BAD_DH_P_LENGTH 110
++# define SSL_R_BAD_DH_P_VALUE 395
+ # define SSL_R_BAD_DIGEST_LENGTH 111
+ # define SSL_R_BAD_DSA_SIGNATURE 112
+ # define SSL_R_BAD_ECC_CERT 304
+diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
+index 1a6030e..202228b 100644
+--- a/ssl/ssl_err.c
++++ b/ssl/ssl_err.c
+@@ -386,8 +386,11 @@ static ERR_STRING_DATA SSL_str_reasons[] = {
+ "bad data returned by callback"},
+ {ERR_REASON(SSL_R_BAD_DECOMPRESSION), "bad decompression"},
+ {ERR_REASON(SSL_R_BAD_DH_G_LENGTH), "bad dh g length"},
++ {ERR_REASON(SSL_R_BAD_DH_G_VALUE), "bad dh g value"},
+ {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_LENGTH), "bad dh pub key length"},
++ {ERR_REASON(SSL_R_BAD_DH_PUB_KEY_VALUE), "bad dh pub key value"},
+ {ERR_REASON(SSL_R_BAD_DH_P_LENGTH), "bad dh p length"},
++ {ERR_REASON(SSL_R_BAD_DH_P_VALUE), "bad dh p value"},
+ {ERR_REASON(SSL_R_BAD_DIGEST_LENGTH), "bad digest length"},
+ {ERR_REASON(SSL_R_BAD_DSA_SIGNATURE), "bad dsa signature"},
+ {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"},
+--
+1.7.0.4
+
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
index 249f8c4..c5a2a65 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
@@ -37,6 +37,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
file://crypto_use_bigint_in_x86-64_perl.patch \
file://openssl-1.0.2a-x32-asm.patch \
file://ptest_makefile_deps.patch \
+ file://Fix-seg-fault-with-0-p-val-in-SKE.patch \
"
SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a"
--
1.8.4.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-12-11 7:23 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-12-09 2:03 [PATCH] openssl: fix for CVE-2015-1794 Fan Xin
2015-12-09 11:52 ` Burton, Ross
2015-12-09 13:33 ` Alexander Kanavin
2015-12-10 2:58 ` Fan Xin
2015-12-11 7:24 ` [PATCH v2][jethro] " Fan Xin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.