diff options
Diffstat (limited to 'meta')
3 files changed, 101 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch b/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch new file mode 100644 index 0000000000..04ef526826 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch | |||
@@ -0,0 +1,46 @@ | |||
1 | From 0cde9a9645c949fd0acf657dadc747676245cfaf Mon Sep 17 00:00:00 2001 | ||
2 | From: Alexandru Moise <alexandru.moise@windriver.com> | ||
3 | Date: Tue, 7 Feb 2017 11:13:19 +0200 | ||
4 | Subject: [PATCH 1/2] crypto/evp: harden RC4_MD5 cipher. | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Originally a crash in 32-bit build was reported CHACHA20-POLY1305 | ||
10 | cipher. The crash is triggered by truncated packet and is result | ||
11 | of excessive hashing to the edge of accessible memory (or bogus | ||
12 | MAC value is produced if x86 MD5 assembly module is involved). Since | ||
13 | hash operation is read-only it is not considered to be exploitable | ||
14 | beyond a DoS condition. | ||
15 | |||
16 | Thanks to Robert Święcki for report. | ||
17 | |||
18 | CVE-2017-3731 | ||
19 | |||
20 | Backported from upstream commit: | ||
21 | 8e20499629b6bcf868d0072c7011e590b5c2294d | ||
22 | |||
23 | Upstream-Status: Backport | ||
24 | |||
25 | Reviewed-by: Rich Salz <rsalz@openssl.org> | ||
26 | Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com> | ||
27 | --- | ||
28 | crypto/evp/e_rc4_hmac_md5.c | 2 ++ | ||
29 | 1 file changed, 2 insertions(+) | ||
30 | |||
31 | diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c | ||
32 | index 5e92855..3293419 100644 | ||
33 | --- a/crypto/evp/e_rc4_hmac_md5.c | ||
34 | +++ b/crypto/evp/e_rc4_hmac_md5.c | ||
35 | @@ -269,6 +269,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, | ||
36 | len = p[arg - 2] << 8 | p[arg - 1]; | ||
37 | |||
38 | if (!ctx->encrypt) { | ||
39 | + if (len < MD5_DIGEST_LENGTH) | ||
40 | + return -1; | ||
41 | len -= MD5_DIGEST_LENGTH; | ||
42 | p[arg - 2] = len >> 8; | ||
43 | p[arg - 1] = len; | ||
44 | -- | ||
45 | 2.10.2 | ||
46 | |||
diff --git a/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch b/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch new file mode 100644 index 0000000000..b56b2d5bd3 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch | |||
@@ -0,0 +1,53 @@ | |||
1 | From 6427f1accc54b515bb899370f1a662bfcb1caa52 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alexandru Moise <alexandru.moise@windriver.com> | ||
3 | Date: Tue, 7 Feb 2017 11:16:13 +0200 | ||
4 | Subject: [PATCH 2/2] crypto/evp: harden AEAD ciphers. | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | Originally a crash in 32-bit build was reported CHACHA20-POLY1305 | ||
10 | cipher. The crash is triggered by truncated packet and is result | ||
11 | of excessive hashing to the edge of accessible memory. Since hash | ||
12 | operation is read-only it is not considered to be exploitable | ||
13 | beyond a DoS condition. Other ciphers were hardened. | ||
14 | |||
15 | Thanks to Robert Święcki for report. | ||
16 | |||
17 | CVE-2017-3731 | ||
18 | |||
19 | Backported from upstream commit: | ||
20 | 2198b3a55de681e1f3c23edb0586afe13f438051 | ||
21 | |||
22 | Upstream-Status: Backport | ||
23 | |||
24 | Reviewed-by: Rich Salz <rsalz@openssl.org> | ||
25 | Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com> | ||
26 | --- | ||
27 | crypto/evp/e_aes.c | 7 ++++++- | ||
28 | 1 file changed, 6 insertions(+), 1 deletion(-) | ||
29 | |||
30 | diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c | ||
31 | index 1734a82..16dcd10 100644 | ||
32 | --- a/crypto/evp/e_aes.c | ||
33 | +++ b/crypto/evp/e_aes.c | ||
34 | @@ -1235,10 +1235,15 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) | ||
35 | { | ||
36 | unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1]; | ||
37 | /* Correct length for explicit IV */ | ||
38 | + if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN) | ||
39 | + return 0; | ||
40 | len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; | ||
41 | /* If decrypting correct for tag too */ | ||
42 | - if (!c->encrypt) | ||
43 | + if (!c->encrypt) { | ||
44 | + if (len < EVP_GCM_TLS_TAG_LEN) | ||
45 | + return 0; | ||
46 | len -= EVP_GCM_TLS_TAG_LEN; | ||
47 | + } | ||
48 | c->buf[arg - 2] = len >> 8; | ||
49 | c->buf[arg - 1] = len & 0xff; | ||
50 | } | ||
51 | -- | ||
52 | 2.10.2 | ||
53 | |||
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb index f2aca36eca..9a7cdedd05 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb | |||
@@ -41,6 +41,8 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \ | |||
41 | file://parallel.patch \ | 41 | file://parallel.patch \ |
42 | file://openssl-util-perlpath.pl-cwd.patch \ | 42 | file://openssl-util-perlpath.pl-cwd.patch \ |
43 | file://CVE-2016-7055.patch \ | 43 | file://CVE-2016-7055.patch \ |
44 | file://0001-CVE-2017-3731.patch \ | ||
45 | file://0002-CVE-2017-3731.patch \ | ||
44 | " | 46 | " |
45 | SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b" | 47 | SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b" |
46 | SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431" | 48 | SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431" |