If you think you have found a security bug in OpenSSL, please report it to us.

Note: All OpenSSL versions before 1.1.1 are out of support and no longer receiving updates. Extended support is available for 1.0.2 from OpenSSL Software Services for premium support customers.

[…] to crash leading to a potential Denial of Service attack

Impact summary: Applications loading files in the PKCS12 format from untrusted […]

A file in PKCS12 format can contain certificates and keys and may come from an […]

The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue.

OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass().

We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant.

The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.

Found by Bahaa Naamneh (Crosspoint Labs).

- Fixed in OpenSSL 3.2.1 (git commit) (Affected since 3.2.0)
- Fixed in OpenSSL 3.1.5 (git commit) (Affected since 3.1.0)
- Fixed in OpenSSL 3.0.13 (git commit) (Affected since 3.0.0)
- Fixed in OpenSSL 1.1.1x (premium support) (Affected since 1.1.1)
- Fixed in OpenSSL 1.0.2zj (premium support) (Affected since 1.0.2)

CVE-2023-6237 Excessive time spent checking invalid RSA public keys
15 January 2024:

Issue summary: Checking excessively long invalid RSA public keys may take a long time.

Impact summary: Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. […] is being checked has been obtained from an untrusted source this may lead […]

When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. […] then this computation would take a long time.

An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack.

The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.

Fix developed by Tomas Mraz.

CVE-2023-6129 POLY1305 MAC implementation corrupts vector registers on PowerPC
09 January 2024:

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions.

Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences.

The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order […] Thus the contents of some of these vector registers are corrupted when returning to the caller. […] on newer PowerPC processors supporting the PowerISA 2.07 instructions.

The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application […] However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of […]

The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol […]