diff options
author | virendra thakur <virendrak@kpit.com> | 2023-12-22 12:04:57 +0530 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2024-01-16 07:31:14 -0500 |
commit | 23ca2973ff58a6ee17f0f0863a57c573a604316f (patch) | |
tree | a6237bcf501d4292325ba593824c61d78bc2b1ef | |
parent | 474cea683ef37bf047132fd222e11335ea98b25b (diff) | |
download | meta-openembedded-23ca2973ff58a6ee17f0f0863a57c573a604316f.tar.gz |
opensc: Fix CVE-2023-40660
Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/940e8bc764047c873f88bb1396933a5368d03533]
Signed-off-by: virendra thakur <virendrak@kpit.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r-- | meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch | 55 | ||||
-rw-r--r-- | meta-oe/recipes-support/opensc/opensc_0.20.0.bb | 1 |
2 files changed, 56 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch new file mode 100644 index 000000000..74e547298 --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch | |||
@@ -0,0 +1,55 @@ | |||
1 | Origin: https://github.com/OpenSC/OpenSC/commit/868f76fb31255fd3fdacfc3e476452efeb61c3e7 | ||
2 | From: Frank Morgner <frankmorgner@gmail.com> | ||
3 | Date: Wed, 21 Jun 2023 12:27:23 +0200 | ||
4 | Subject: Fixed PIN authentication bypass | ||
5 | |||
6 | If two processes are accessing a token, then one process may leave the | ||
7 | card usable with an authenticated PIN so that a key may sign/decrypt any | ||
8 | data. This is especially the case if the token does not support a way of | ||
9 | resetting the authentication status (logout). | ||
10 | |||
11 | We have some tracking of the authentication status in software via | ||
12 | PKCS#11, Minidriver (os-wise) and CryptoTokenKit, which is why a | ||
13 | PIN-prompt will appear even though the card may technically be unlocked | ||
14 | as described in the above example. However, before this change, an empty | ||
15 | PIN was not verified (likely yielding an error during PIN-verification), | ||
16 | but it was just checked whether the PIN is authenticated. This defeats | ||
17 | the purpose of the PIN verification, because an empty PIN is not the | ||
18 | correct one. Especially during OS Logon, we don't want that kind of | ||
19 | shortcut, but we want the user to verify the correct PIN (even though | ||
20 | the token was left unattended and authentication at the computer). | ||
21 | |||
22 | This essentially reverts commit e6f7373ef066cfab6e3162e8b5f692683db23864. | ||
23 | |||
24 | CVE: CVE-2023-40660 | ||
25 | Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/940e8bc764047c873f88bb1396933a5368d03533] | ||
26 | Signed-off-by: Virendra Thakur <virendrak@kpit.com> | ||
27 | --- | ||
28 | src/libopensc/pkcs15-pin.c | 13 ------------- | ||
29 | 1 file changed, 13 deletions(-) | ||
30 | |||
31 | diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c | ||
32 | index 80a185fecd..393234efe4 100644 | ||
33 | --- a/src/libopensc/pkcs15-pin.c | ||
34 | +++ b/src/libopensc/pkcs15-pin.c | ||
35 | @@ -307,19 +307,6 @@ | ||
36 | LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_PIN_REFERENCE); | ||
37 | auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; | ||
38 | |||
39 | - /* | ||
40 | - * if pin cache is disabled, we can get here with no PIN data. | ||
41 | - * in this case, to avoid error or unnecessary pin prompting on pinpad, | ||
42 | - * check if the PIN has been already verified and the access condition | ||
43 | - * is still open on card. | ||
44 | - */ | ||
45 | - if (pinlen == 0) { | ||
46 | - r = sc_pkcs15_get_pin_info(p15card, pin_obj); | ||
47 | - | ||
48 | - if (r == SC_SUCCESS && auth_info->logged_in == SC_PIN_STATE_LOGGED_IN) | ||
49 | - LOG_FUNC_RETURN(ctx, r); | ||
50 | - } | ||
51 | - | ||
52 | r = _validate_pin(p15card, auth_info, pinlen); | ||
53 | |||
54 | if (r) | ||
55 | |||
diff --git a/meta-oe/recipes-support/opensc/opensc_0.20.0.bb b/meta-oe/recipes-support/opensc/opensc_0.20.0.bb index b8cf203b7..3e77b8884 100644 --- a/meta-oe/recipes-support/opensc/opensc_0.20.0.bb +++ b/meta-oe/recipes-support/opensc/opensc_0.20.0.bb | |||
@@ -14,6 +14,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34" | |||
14 | #v0.19.0 | 14 | #v0.19.0 |
15 | SRCREV = "45e29056ccde422e70ed3585084a7f150c632515" | 15 | SRCREV = "45e29056ccde422e70ed3585084a7f150c632515" |
16 | SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \ | 16 | SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \ |
17 | file://CVE-2023-40660.patch \ | ||
17 | " | 18 | " |
18 | DEPENDS = "virtual/libiconv openssl" | 19 | DEPENDS = "virtual/libiconv openssl" |
19 | 20 | ||