mbedtls: fix CVE-2024-28755 and CVE-2024-28836

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtls_ssl_session_reset() API, the maximum TLS version to be negotiated was not restored to the configured one. An attacker was able to prevent an Mbed TLS server from establishing any TLS 1.3 connection, potentially resulting in a Denial of Service or forced version downgrade from TLS 1.3 to TLS 1.2. fix indent issue in mbedtls_3.5.2.bb file. Reference: https://security-tracker.debian.org/tracker/CVE-2024-28755 https://security-tracker.debian.org/tracker/CVE-2024-28836 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Yogita Urade <yogita.urade@windriver.com> 2025-02-05 05:24:22 +0000
committer: Armin Kuster <akuster808@gmail.com> 2025-02-09 07:58:36 -0800
commit: b7dc1e8eb72b01595a60367f8fd375625268b8a2 (patch)
tree: ce431e92541ea1a0627beeedec7888278c4659f8
parent: 068379172d52f1f119bfb8eecdc77494898ea504 (diff)
download: meta-openembedded-b7dc1e8eb72b01595a60367f8fd375625268b8a2.tar.gz
2 files changed, 71 insertions, 2 deletions
diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2024-28755-and-CVE-2024-28836.patch b/meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2024-28755-and-CVE-2024-28836.patch
new file mode 100644
index 0000000000..8a2d38c23f
--- /dev/null
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2024-28755-and-CVE-2024-28836.patch
@@ -0,0 +1,67 @@
+From ad736991bb59211118a29fe115367c24495300c2 Mon Sep 17 00:00:00 2001
+From: Janos Follath <janos.follath@arm.com>
+Date: Fri, 9 Feb 2024 16:04:59 +0000
+Subject: [PATCH] Merge pull request #1177 from
+ ronald-cron-arm/tls-max-version-reset
+Reset properly the TLS maximum negotiable version
+CVE: CVE-2024-28755
+CVE: CVE-2024-28836
+Upstream-Status: Backport [https://github.com/Mbed-TLS/mbedtls/commit/ad736991bb59211118a29fe115367c24495300c2]
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ library/ssl_tls.c |  1 +
+ tests/ssl-opt.sh  | 24 ++++++++++++++++++++++++
+ 2 files changed, 25 insertions(+)
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
+index cfb2798182..f3c701818b 100644
+--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
+@@ -1539,6 +1539,7 @@ int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial)
+     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+     ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
+    ssl->tls_version = ssl->conf->max_tls_version;
+     mbedtls_ssl_session_reset_msg_layer(ssl, partial);
+diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
+index 48b3c0cb26..448bd3825f 100755
+--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
+@@ -11307,6 +11307,30 @@ run_test    "TLS 1.3: Default" \
+             -s "ECDH/FFDH group: " \
+             -s "selected signature algorithm ecdsa_secp256r1_sha256"
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
+run_test    "Establish TLS 1.2 then TLS 1.3 session" \
+            "$P_SRV" \
+            "( $P_CLI force_version=tls12; \
+               $P_CLI force_version=tls13 )" \
+            0 \
+            -s "Protocol is TLSv1.2" \
+            -s "Protocol is TLSv1.3" \
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
+requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
+run_test    "Establish TLS 1.3 then TLS 1.2 session" \
+            "$P_SRV" \
+            "( $P_CLI force_version=tls13; \
+               $P_CLI force_version=tls12 )" \
+            0 \
+            -s "Protocol is TLSv1.3" \
+            -s "Protocol is TLSv1.2" \
+
+ requires_openssl_tls1_3_with_compatible_ephemeral
+ requires_config_enabled MBEDTLS_DEBUG_C
+ requires_config_enabled MBEDTLS_SSL_CLI_C
+--
+2.40.0
diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb
index 2fedac48cf..829d54307a 100644
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb
@@ -25,8 +25,10 @@ SECTION = "libs"
 S = "${WORKDIR}/git"
 SRCREV = "daca7a3979c22da155ec9dce49ab1abf3b65d3a9"
 SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=master \
-        file://0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch \
+           file://0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch \
-        file://run-ptest"
+           file://run-ptest \
+           file://CVE-2024-28755-and-CVE-2024-28836.patch \
+          "
 UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
 inherit cmake update-alternatives ptest
author	Yogita Urade <yogita.urade@windriver.com>	2025-02-05 05:24:22 +0000
committer	Armin Kuster <akuster808@gmail.com>	2025-02-09 07:58:36 -0800
commit	b7dc1e8eb72b01595a60367f8fd375625268b8a2 (patch)
tree	ce431e92541ea1a0627beeedec7888278c4659f8
parent	068379172d52f1f119bfb8eecdc77494898ea504 (diff)
download	meta-openembedded-b7dc1e8eb72b01595a60367f8fd375625268b8a2.tar.gz

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2024-28755-and-CVE-2024-28836.patch b/meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2024-28755-and-CVE-2024-28836.patch new file mode 100644 index 0000000000..8a2d38c23f --- /dev/null +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls/CVE-2024-28755-and-CVE-2024-28836.patch
@@ -0,0 +1,67 @@
		1	From ad736991bb59211118a29fe115367c24495300c2 Mon Sep 17 00:00:00 2001
		2	From: Janos Follath <janos.follath@arm.com>
		3	Date: Fri, 9 Feb 2024 16:04:59 +0000
		4	Subject: [PATCH] Merge pull request #1177 from
		5	ronald-cron-arm/tls-max-version-reset
		6
		7	Reset properly the TLS maximum negotiable version
		8
		9	CVE: CVE-2024-28755
		10	CVE: CVE-2024-28836
		11	Upstream-Status: Backport [https://github.com/Mbed-TLS/mbedtls/commit/ad736991bb59211118a29fe115367c24495300c2]
		12
		13	Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
		14	---
		15	library/ssl_tls.c \| 1 +
		16	tests/ssl-opt.sh \| 24 ++++++++++++++++++++++++
		17	2 files changed, 25 insertions(+)
		18
		19	diff --git a/library/ssl_tls.c b/library/ssl_tls.c
		20	index cfb2798182..f3c701818b 100644
		21	--- a/library/ssl_tls.c
		22	+++ b/library/ssl_tls.c
		23	@@ -1539,6 +1539,7 @@ int mbedtls_ssl_session_reset_int(mbedtls_ssl_context *ssl, int partial)
		24	int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
		25
		26	ssl->state = MBEDTLS_SSL_HELLO_REQUEST;
		27	+ ssl->tls_version = ssl->conf->max_tls_version;
		28
		29	mbedtls_ssl_session_reset_msg_layer(ssl, partial);
		30
		31	diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
		32	index 48b3c0cb26..448bd3825f 100755
		33	--- a/tests/ssl-opt.sh
		34	+++ b/tests/ssl-opt.sh
		35	@@ -11307,6 +11307,30 @@ run_test "TLS 1.3: Default" \
		36	-s "ECDH/FFDH group: " \
		37	-s "selected signature algorithm ecdsa_secp256r1_sha256"
		38
		39	+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
		40	+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
		41	+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
		42	+requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
		43	+run_test "Establish TLS 1.2 then TLS 1.3 session" \
		44	+ "$P_SRV" \
		45	+ "( $P_CLI force_version=tls12; \
		46	+ $P_CLI force_version=tls13 )" \
		47	+ 0 \
		48	+ -s "Protocol is TLSv1.2" \
		49	+ -s "Protocol is TLSv1.3" \
		50	+
		51	+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
		52	+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
		53	+requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
		54	+requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
		55	+run_test "Establish TLS 1.3 then TLS 1.2 session" \
		56	+ "$P_SRV" \
		57	+ "( $P_CLI force_version=tls13; \
		58	+ $P_CLI force_version=tls12 )" \
		59	+ 0 \
		60	+ -s "Protocol is TLSv1.3" \
		61	+ -s "Protocol is TLSv1.2" \
		62	+
		63	requires_openssl_tls1_3_with_compatible_ephemeral
		64	requires_config_enabled MBEDTLS_DEBUG_C
		65	requires_config_enabled MBEDTLS_SSL_CLI_C
		66	--
		67	2.40.0


diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb index 2fedac48cf..829d54307a 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb
@@ -25,8 +25,10 @@ SECTION = "libs"
25	S = "${WORKDIR}/git"	25	S = "${WORKDIR}/git"
26	SRCREV = "daca7a3979c22da155ec9dce49ab1abf3b65d3a9"	26	SRCREV = "daca7a3979c22da155ec9dce49ab1abf3b65d3a9"
27	SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=master \	27	SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=master \
28	file://0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch \	28	file://0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch \
29	file://run-ptest"	29	file://run-ptest \
		30	file://CVE-2024-28755-and-CVE-2024-28836.patch \
		31	"
30	UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"	32	UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
31		33
32	inherit cmake update-alternatives ptest	34	inherit cmake update-alternatives ptest