openssl: CVE-2015-3194, CVE-2015-3195

Fixes following vulnerabilities: Certificate verify crash with missing PSS parameter (CVE-2015-3194) X509_ATTRIBUTE memory leak (CVE-2015-3195) References: https://openssl.org/news/secadv/20151203.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195 Upstream patches: CVE-2015-3194: https://git.openssl.org/?p=openssl.git;a=commit;h= d8541d7e9e63bf5f343af24644046c8d96498c17 CVE-2015-3195: https://git.openssl.org/?p=openssl.git;a=commit;h= b29ffa392e839d05171206523e84909146f7a77c (From OE-Core rev: 09c3a0f01572a6a65e9f87ce16817ee7de3296f1) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Sona Sarmadi <sona.sarmadi@enea.com> 2015-12-15 11:07:48 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-01-30 12:03:14 +0000
commit: 1930286e3fa4a144dae963fb531e7caa1311c225 (patch)
tree: 19dc7efc4fb501afd46b544ff1daf163424d5c23
parent: d4db68ae6bae2d9c6d7ed17a0dbce17477b84c9d (diff)
download: poky-1930286e3fa4a144dae963fb531e7caa1311c225.tar.gz
3 files changed, 100 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch
new file mode 100644
index 0000000000..a6697caa88
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch
@@ -0,0 +1,37 @@
+From d8541d7e9e63bf5f343af24644046c8d96498c17 Mon Sep 17 00:00:00 2001
+From: "Dr. Stephen Henson" <steve@openssl.org>
+Date: Fri, 2 Oct 2015 13:10:29 +0100
+Subject:Add PSS parameter check.
+Avoid seg fault by checking mgf1 parameter is not NULL. This can be
+triggered during certificate verification so could be a DoS attack
+against a client or a server enabling client authentication.
+Thanks to Loïc Jonas Etienne (Qnective AG) for discovering this bug.
+CVE-2015-3194
+Upstream-Status: Backport
+Reviewed-by: Matt Caswell <matt@openssl.org>
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ crypto/rsa/rsa_ameth.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
+index 93e071d..c7f1148 100644
+--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
+@@ -279,7 +279,7 @@ static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg,
+     if (pss->maskGenAlgorithm) {
+         ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
+         if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
+-            && param->type == V_ASN1_SEQUENCE) {
+            && param && param->type == V_ASN1_SEQUENCE) {
+             p = param->value.sequence->data;
+             plen = param->value.sequence->length;
+             *pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
+-- 
+1.9.1
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
new file mode 100644
index 0000000000..be705c022b
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
@@ -0,0 +1,61 @@
+commit b29ffa392e839d05171206523e84909146f7a77c
+Author: Dr. Stephen Henson <steve@openssl.org>
+Date: Tue, 10 Nov 2015 19:03:07 +0000
+Subject: Fix leak with ASN.1 combine.
+When parsing a combined structure pass a flag to the decode routine
+so on error a pointer to the parent structure is not zeroed as
+this will leak any additional components in the parent.
+This can leak memory in any application parsing PKCS#7 or CMS structures.
+CVE-2015-3195.
+Upstream-Status: Backport
+Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
+libFuzzer.
+PR#4131
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ crypto/asn1/tasn_dec.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
+index febf605..9256049 100644
+--- a/crypto/asn1/tasn_dec.c
+++ b/crypto/asn1/tasn_dec.c
+@@ -180,6 +180,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+     int otag;
+     int ret = 0;
+     ASN1_VALUE **pchptr, *ptmpval;
+    int combine = aclass & ASN1_TFLG_COMBINE;
+    aclass &= ~ASN1_TFLG_COMBINE;
+     if (!pval)
+         return 0;
+     if (aux && aux->asn1_cb)
+@@ -500,7 +502,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
+  auxerr:
+     ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
+  err:
+-    ASN1_item_ex_free(pval, it);
+    if (combine == 0)
+        ASN1_item_ex_free(pval, it);
+     if (errtt)
+         ERR_add_error_data(4, "Field=", errtt->field_name,
+                            ", Type=", it->sname);
+@@ -689,7 +692,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
+     } else {
+         /* Nothing special */
+         ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
+-                               -1, 0, opt, ctx);
+                               -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
+         if (!ret) {
+             ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
+             goto err;
+-- 
+1.9.1
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb b/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb
index 3f6179089b..1d0242f504 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb
@@ -34,6 +34,8 @@ SRC_URI += "file://configure-targets.patch \
            file://Makefiles-ptest.patch \
            file://ptest-deps.patch \
            file://run-ptest \
+            file://CVE-2015-3194-Add-PSS-parameter-check.patch \
+            file://CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch \
           "
 SRC_URI[md5sum] = "7563e92327199e0067ccd0f79f436976"
author	Sona Sarmadi <sona.sarmadi@enea.com>	2015-12-15 11:07:48 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-01-30 12:03:14 +0000
commit	1930286e3fa4a144dae963fb531e7caa1311c225 (patch)
tree	19dc7efc4fb501afd46b544ff1daf163424d5c23
parent	d4db68ae6bae2d9c6d7ed17a0dbce17477b84c9d (diff)
download	poky-1930286e3fa4a144dae963fb531e7caa1311c225.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch new file mode 100644 index 0000000000..a6697caa88 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-Add-PSS-parameter-check.patch
@@ -0,0 +1,37 @@
		1	From d8541d7e9e63bf5f343af24644046c8d96498c17 Mon Sep 17 00:00:00 2001
		2	From: "Dr. Stephen Henson" <steve@openssl.org>
		3	Date: Fri, 2 Oct 2015 13:10:29 +0100
		4	Subject:Add PSS parameter check.
		5
		6	Avoid seg fault by checking mgf1 parameter is not NULL. This can be
		7	triggered during certificate verification so could be a DoS attack
		8	against a client or a server enabling client authentication.
		9
		10	Thanks to Loïc Jonas Etienne (Qnective AG) for discovering this bug.
		11
		12	CVE-2015-3194
		13
		14	Upstream-Status: Backport
		15
		16	Reviewed-by: Matt Caswell <matt@openssl.org>
		17	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
		18	---
		19	crypto/rsa/rsa_ameth.c \| 2 +-
		20	1 file changed, 1 insertion(+), 1 deletion(-)
		21
		22	diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
		23	index 93e071d..c7f1148 100644
		24	--- a/crypto/rsa/rsa_ameth.c
		25	+++ b/crypto/rsa/rsa_ameth.c
		26	@@ -279,7 +279,7 @@ static RSA_PSS_PARAMS rsa_pss_decode(const X509_ALGOR alg,
		27	if (pss->maskGenAlgorithm) {
		28	ASN1_TYPE *param = pss->maskGenAlgorithm->parameter;
		29	if (OBJ_obj2nid(pss->maskGenAlgorithm->algorithm) == NID_mgf1
		30	- && param->type == V_ASN1_SEQUENCE) {
		31	+ && param && param->type == V_ASN1_SEQUENCE) {
		32	p = param->value.sequence->data;
		33	plen = param->value.sequence->length;
		34	*pmaskHash = d2i_X509_ALGOR(NULL, &p, plen);
		35	--
		36	1.9.1
		37


diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch new file mode 100644 index 0000000000..be705c022b --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
@@ -0,0 +1,61 @@
		1	commit b29ffa392e839d05171206523e84909146f7a77c
		2	Author: Dr. Stephen Henson <steve@openssl.org>
		3	Date: Tue, 10 Nov 2015 19:03:07 +0000
		4	Subject: Fix leak with ASN.1 combine.
		5
		6	When parsing a combined structure pass a flag to the decode routine
		7	so on error a pointer to the parent structure is not zeroed as
		8	this will leak any additional components in the parent.
		9
		10	This can leak memory in any application parsing PKCS#7 or CMS structures.
		11
		12	CVE-2015-3195.
		13
		14	Upstream-Status: Backport
		15
		16	Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
		17	libFuzzer.
		18
		19	PR#4131
		20
		21	Reviewed-by: Richard Levitte <levitte@openssl.org>
		22	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
		23	---
		24	crypto/asn1/tasn_dec.c \| 7 +++++--
		25	1 file changed, 5 insertions(+), 2 deletions(-)
		26
		27	diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
		28	index febf605..9256049 100644
		29	--- a/crypto/asn1/tasn_dec.c
		30	+++ b/crypto/asn1/tasn_dec.c
		31	@@ -180,6 +180,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE pval, const unsigned char in, long len,
		32	int otag;
		33	int ret = 0;
		34	ASN1_VALUE *pchptr, ptmpval;
		35	+ int combine = aclass & ASN1_TFLG_COMBINE;
		36	+ aclass &= ~ASN1_TFLG_COMBINE;
		37	if (!pval)
		38	return 0;
		39	if (aux && aux->asn1_cb)
		40	@@ -500,7 +502,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE pval, const unsigned char in, long len,
		41	auxerr:
		42	ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
		43	err:
		44	- ASN1_item_ex_free(pval, it);
		45	+ if (combine == 0)
		46	+ ASN1_item_ex_free(pval, it);
		47	if (errtt)
		48	ERR_add_error_data(4, "Field=", errtt->field_name,
		49	", Type=", it->sname);
		50	@@ -689,7 +692,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
		51	} else {
		52	/* Nothing special */
		53	ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
		54	- -1, 0, opt, ctx);
		55	+ -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
		56	if (!ret) {
		57	ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
		58	goto err;
		59	--
		60	1.9.1
		61


diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb b/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb index 3f6179089b..1d0242f504 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.1p.bb
@@ -34,6 +34,8 @@ SRC_URI += "file://configure-targets.patch \
34	file://Makefiles-ptest.patch \	34	file://Makefiles-ptest.patch \
35	file://ptest-deps.patch \	35	file://ptest-deps.patch \
36	file://run-ptest \	36	file://run-ptest \
		37	file://CVE-2015-3194-Add-PSS-parameter-check.patch \
		38	file://CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch \
37	"	39	"
38		40
39	SRC_URI[md5sum] = "7563e92327199e0067ccd0f79f436976"	41	SRC_URI[md5sum] = "7563e92327199e0067ccd0f79f436976"