Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/CVE-2023-2650.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/CVE-2023-2650.patch | 122 |
1 files changed, 0 insertions, 122 deletions
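--- a/meta/recipes-connectivity/openssl/openssl/CVE-2023-2650.patch
+++ /dev/null
@@ -1,122 +0,0 @@
-From 9e209944b35cf82368071f160a744b6178f9b098 Mon Sep 17 00:00:00 2001
-From: Richard Levitte <levitte@openssl.org>
-Date: Fri, 12 May 2023 10:00:13 +0200
-Subject: [PATCH] Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will
-translate
-
-OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical
-numeric text form. For gigantic sub-identifiers, this would take a very
-long time, the time complexity being O(n^2) where n is the size of that
-sub-identifier.
-
-To mitigate this, a restriction on the size that OBJ_obj2txt() will
-translate to canonical numeric text form is added, based on RFC 2578
-(STD 58), which says this:
-
-> 3.5. OBJECT IDENTIFIER values
->
-> An OBJECT IDENTIFIER value is an ordered list of non-negative numbers.
-> For the SMIv2, each number in the list is referred to as a sub-identifier,
-> there are at most 128 sub-identifiers in a value, and each sub-identifier
-> has a maximum value of 2^32-1 (4294967295 decimal).
-
-Fixes otc/security#96
-Fixes CVE-2023-2650
-
-Reviewed-by: Matt Caswell <matt@openssl.org>
-Reviewed-by: Tomas Mraz <tomas@openssl.org>
-
-Upstream-Status: Backport [https://github.com/openssl/openssl/commit/9e209944b35cf82368071f160a744b6178f9b098]
-CVE: CVE-2023-2650
-Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
----
-CHANGES | 28 +++++++++++++++++++++++++++-
-NEWS | 2 ++
-crypto/objects/obj_dat.c | 19 +++++++++++++++++++
-3 files changed, 48 insertions(+), 1 deletion(-)
-
-diff --git a/CHANGES b/CHANGES
-index 1eaaf4e..f2cf38f 100644
---- a/CHANGES
-+++ b/CHANGES
-@@ -7,7 +7,33 @@
-https://github.com/openssl/openssl/commits/ and pick the appropriate
-release branch.
-
-- Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
-+ Changes between 1.1.1t and 1.1.1u [xx XXX xxxx]
-+
-+ *) Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic
-+ OBJECT IDENTIFIER sub-identifiers to canonical numeric text form.
-+
-+ OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical
-+ numeric text form. For gigantic sub-identifiers, this would take a very
-+ long time, the time complexity being O(n^2) where n is the size of that
-+ sub-identifier. (CVE-2023-2650)
-+
-+ To mitigitate this, `OBJ_obj2txt()` will only translate an OBJECT
-+ IDENTIFIER to canonical numeric text form if the size of that OBJECT
-+ IDENTIFIER is 586 bytes or less, and fail otherwise.
-+
-+ The basis for this restriction is RFC 2578 (STD 58), section 3.5. OBJECT
-+ IDENTIFIER values, which stipulates that OBJECT IDENTIFIERS may have at
-+ most 128 sub-identifiers, and that the maximum value that each sub-
-+ identifier may have is 2^32-1 (4294967295 decimal).
-+
-+ For each byte of every sub-identifier, only the 7 lower bits are part of
-+ the value, so the maximum amount of bytes that an OBJECT IDENTIFIER with
-+ these restrictions may occupy is 32 * 128 / 7, which is approximately 586
-+ bytes.
-+
-+ Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
-+
-+Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
-
-*) Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention
-that it does not enable policy checking. Thanks to
-diff --git a/NEWS b/NEWS
-index a86220a..41922c4 100644
---- a/NEWS
-+++ b/NEWS
-@@ -7,6 +7,8 @@
-
-Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023]
-
-+ o Mitigate for very slow `OBJ_obj2txt()` performance with gigantic
-+ OBJECT IDENTIFIER sub-identities. (CVE-2023-2650)
-o Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
-o Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
-o Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215)
-diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
-index 7e8de72..d699915 100644
---- a/crypto/objects/obj_dat.c
-+++ b/crypto/objects/obj_dat.c
-@@ -428,6 +428,25 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name)
-first = 1;
-bl = NULL;
-
-+ /*
-+ * RFC 2578 (STD 58) says this about OBJECT IDENTIFIERs:
-+ *
-+ * > 3.5. OBJECT IDENTIFIER values
-+ * >
-+ * > An OBJECT IDENTIFIER value is an ordered list of non-negative
-+ * > numbers. For the SMIv2, each number in the list is referred to as a
-+ * > sub-identifier, there are at most 128 sub-identifiers in a value,
-+ * > and each sub-identifier has a maximum value of 2^32-1 (4294967295
-+ * > decimal).
-+ *
-+ * So a legitimate OID according to this RFC is at most (32 * 128 / 7),
-+ * i.e. 586 bytes long.
-+ *
-+ * Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5
-+ */
-+ if (len > 586)
-+ goto err;
-+
-while (len > 0) {
-l = 0;
-use_bn = 0;
---
-2.25.1
-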