author | Peter Marko <peter.marko@siemens.com> | 2024-04-14 00:02:16 +0200 |
committer | Steve Sakoman <steve@sakoman.com> | 2024-04-19 04:50:38 -0700 |
commit | 9d9c54071e9b396fc02eafd1cb48a94b50db1c05 (patch) | |
tree | 46e8f7de5dd32192d2611b177592ca6138126232 | |
parent | 0603438c81bc53a807ed85ebe1538f52a7b78887 (diff) | |
download | poky-9d9c54071e9b396fc02eafd1cb48a94b50db1c05.tar.gz |
openssl: patch CVE-2024-2511
Patch: https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d
News: https://github.com/openssl/openssl/commit/daee101e39073d4b65a68faeb2f2de5ad7b05c36
(From OE-Core rev: 42fc40198dfcbb5e96d7f2af7fc134e2b021d82a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch | 122 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_3.0.13.bb | 1 |
2 files changed, 123 insertions, 0 deletions
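--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-2511.patch
@@ -0,0 +1,122 @@
+From b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Tue, 5 Mar 2024 15:43:53 +0000
+Subject: [PATCH] Fix unconstrained session cache growth in TLSv1.3
+
+In TLSv1.3 we create a new session object for each ticket that we send.
+We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
+use then the new session will be added to the session cache. However, if
+early data is not in use (and therefore anti-replay protection is being
+used), then multiple threads could be resuming from the same session
+simultaneously. If this happens and a problem occurs on one of the threads,
+then the original session object could be marked as not_resumable. When we
+duplicate the session object this not_resumable status gets copied into the
+new session object. The new session object is then added to the session
+cache even though it is not_resumable.
+
+Subsequently, another bug means that the session_id_length is set to 0 for
+sessions that are marked as not_resumable - even though that session is
+still in the cache. Once this happens the session can never be removed from
+the cache. When that object gets to be the session cache tail object the
+cache never shrinks again and grows indefinitely.
+
+CVE-2024-2511
+
+Reviewed-by: Neil Horman <nhorman@openssl.org>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/24044)
+
+(cherry picked from commit 7e4d731b1c07201ad9374c1cd9ac5263bdf35bce)
+
+CVE: CVE-2024-2511
+Upstream-Status: Backport [https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ssl/ssl_lib.c | 5 +++--
+ssl/ssl_sess.c | 28 ++++++++++++++++++++++------
+ssl/statem/statem_srvr.c | 5 ++---
+3 files changed, 27 insertions(+), 11 deletions(-)
+
+diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
+index 2c8479eb5fc69..eed649c6fdee9 100644
+--- a/ssl/ssl_lib.c
++++ b/ssl/ssl_lib.c
+@@ -3736,9 +3736,10 @@ void ssl_update_cache(SSL *s, int mode)
+
+/*
+* If the session_id_length is 0, we are not supposed to cache it, and it
+- * would be rather hard to do anyway :-)
++ * would be rather hard to do anyway :-). Also if the session has already
++ * been marked as not_resumable we should not cache it for later reuse.
+*/
+- if (s->session->session_id_length == 0)
++ if (s->session->session_id_length == 0 || s->session->not_resumable)
+return;
+
+/*
+diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
+index d836b33ed0e81..75adbd9e52b40 100644
+--- a/ssl/ssl_sess.c
++++ b/ssl/ssl_sess.c
+@@ -152,16 +152,11 @@ SSL_SESSION *SSL_SESSION_new(void)
+return ss;
+}
+
+-SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
+-{
+- return ssl_session_dup(src, 1);
+-}
+-
+/*
+* Create a new SSL_SESSION and duplicate the contents of |src| into it. If
+* ticket == 0 then no ticket information is duplicated, otherwise it is.
+*/
+-SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
++static SSL_SESSION *ssl_session_dup_intern(const SSL_SESSION *src, int ticket)
+{
+SSL_SESSION *dest;
+
+@@ -285,6 +280,27 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
+return NULL;
+}
+
++SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src)
++{
++ return ssl_session_dup_intern(src, 1);
++}
++
++/*
++ * Used internally when duplicating a session which might be already shared.
++ * We will have resumed the original session. Subsequently we might have marked
++ * it as non-resumable (e.g. in another thread) - but this copy should be ok to
++ * resume from.
++ */
++SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket)
++{
++ SSL_SESSION *sess = ssl_session_dup_intern(src, ticket);
++
++ if (sess != NULL)
++ sess->not_resumable = 0;
++
++ return sess;
++}
++
+const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *s, unsigned int *len)
+{
+if (len)
+diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
+index a9e67f9d32a77..6c942e6bcec29 100644
+--- a/ssl/statem/statem_srvr.c
++++ b/ssl/statem/statem_srvr.c
+@@ -2338,9 +2338,8 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt)
+* so the following won't overwrite an ID that we're supposed
+* to send back.
+*/
+- if (s->session->not_resumable ||
+- (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
+- && !s->hit))
++ if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
++ && !s->hit)
+s->session->session_id_length = 0;
+
+if (usetls13) {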
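Review bot: The public `SSL_SESSION_dup()` now calls `ssl_session_dup_intern()` and leaves `not_resumable` exactly as copied from `src`, while the internal `ssl_session_dup()` added a few lines below clears it; nothing in the ssl_sess.c hunk records that this asymmetry is intended, so a later "harmonisation" of the two wrappers would silently reintroduce the cache-growth path. A one-line comment on the public wrapper would pin it down, e.g. `/* Public API: faithful copy of |src|, including not_resumable; the internal ssl_session_dup() below deliberately clears that flag on the copy. */`. The comment left above `ssl_session_dup_intern()` is the old `ssl_session_dup()` text and could add that it is now the only place the full copy is performed. This matters because the ssl_lib.c hunk makes `ssl_update_cache()` return early for any session with `not_resumable` set, so a copy that retained the flag would never be cached; the statem_srvr.c hunk in turn stops such sessions from having `session_id_length` zeroed while still in the cache.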
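--- a/meta/recipes-connectivity/openssl/openssl_3.0.13.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.13.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
 file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
 file://afalg.patch \
 file://0001-Configure-do-not-tweak-mips-cflags.patch \
+file://CVE-2024-2511.patch \
 "
 
 SRC_URI:append:class-nativesdk = " \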