https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12

"Security
* Zeroize several intermediate variables used to calculate the expected value when verifying a MAC or AEAD tag. This hardens the library in case the value leaks through a memory disclosure vulnerability. For example, a memory disclosure vulnerability could have allowed a man-in-the-middle to inject fake ciphertext into a DTLS connection.
* In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back from the output buffer. This fixes a potential policy bypass or decryption oracle vulnerability if the output buffer is in memory that is shared with an untrusted application.
* Fix a double-free that happened after mbedtls_ssl_set_session() or mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED (out of memory). After that, calling mbedtls_ssl_session_free() and mbedtls_ssl_free() would cause an internal session buffer to be free()'d twice."

please bump to 2.16.12 and 2.28.0.
I just added 2.16.12, 2.28.0 and 3.1.0. I did preliminary testing and they are ready for rapid stabilization.
Thank you!
(In reply to John Helmert III from comment #0)
> https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
> https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
> https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12
>
> "Security
> * Zeroize several intermediate variables used to calculate the expected
> value when verifying a MAC or AEAD tag. This hardens the library in
> case the value leaks through a memory disclosure vulnerability. For
> example, a memory disclosure vulnerability could have allowed a
> man-in-the-middle to inject fake ciphertext into a DTLS connection.
> * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
> from the output buffer. This fixes a potential policy bypass or decryption
> oracle vulnerability if the output buffer is in memory that is shared with
> an untrusted application. CVE-2021-45450
> * Fix a double-free that happened after mbedtls_ssl_set_session() or
> mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
> (out of memory). After that, calling mbedtls_ssl_session_free()
> and mbedtls_ssl_free() would cause an internal session buffer to
> be free()'d twice."
>
> please bump to 2.16.12 and 2.28.0.
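The double-free in the third bullet of the quoted advisory comes from a session copy that fails part-way and leaves the destination pointing at buffers it does not own. The C below is an added illustration of that failure shape next to the ownership discipline that prevents it; it is not mbedtls code: session_t, dup_buf, session_copy, ERR_ALLOC_FAILED and the g_fail_alloc switch (which injects the out-of-memory condition) are hypothetical stand-ins.

```c
#include <stdlib.h>
#include <string.h>

#define ERR_ALLOC_FAILED (-0x7F00)  /* constructed stand-in for MBEDTLS_ERR_SSL_ALLOC_FAILED */
/* Hypothetical session with two heap-owned buffers; not mbedtls' own struct. */
typedef struct { unsigned char *ticket, *peer_id; size_t ticket_len, peer_id_len; } session_t;
static int g_fail_alloc = 0;  /* fault injection: 1 makes every allocation fail */
/* Deep-copy n bytes into a fresh buffer; *out is NULL on failure or when n == 0. */
static int dup_buf(unsigned char **out, const unsigned char *in, size_t n) {
    *out = (n && !g_fail_alloc) ? malloc(n) : NULL;
    if (*out == NULL) return n ? ERR_ALLOC_FAILED : 0;
    memcpy(*out, in, n);
    return 0;
}
/* Free owned buffers and null the pointers, so a second call is harmless. */
void session_free(session_t *s) {
    free(s->ticket);  s->ticket = NULL;  s->ticket_len = 0;
    free(s->peer_id); s->peer_id = NULL; s->peer_id_len = 0;
}
/* Buggy shape: shallow struct copy first. If the first allocation fails,
 * dst->peer_id still aliases src's buffer, so freeing both frees it twice. */
int session_copy_buggy(session_t *dst, const session_t *src) {
    *dst = *src;
    if (dup_buf(&dst->ticket, src->ticket, src->ticket_len)) return ERR_ALLOC_FAILED;
    return dup_buf(&dst->peer_id, src->peer_id, src->peer_id_len);
}
/* Fixed shape: pointers in dst start at NULL and on failure dst is released,
 * so one later session_free() is safe. Assumes dst owns nothing on entry. */
int session_copy(session_t *dst, const session_t *src) {
    *dst = *src;
    dst->ticket = dst->peer_id = NULL;
    if (dup_buf(&dst->ticket, src->ticket, src->ticket_len) ||
        dup_buf(&dst->peer_id, src->peer_id, src->peer_id_len)) {
        session_free(dst);
        return ERR_ALLOC_FAILED;
    }
    return 0;
}

/* Driver: copy under forced allocation failure; 1 if dst still aliases a src buffer. */
int aliases_after_alloc_failure(int (*copy)(session_t *, const session_t *)) {
    unsigned char t[4] = {1, 2, 3, 4}, p[2] = {7, 7};  /* constructed sample bytes */
    session_t src = { t, p, sizeof t, sizeof p }, dst = { NULL, NULL, 0, 0 };  /* src: stack, never free()d */
    g_fail_alloc = 1; int rc = copy(&dst, &src); g_fail_alloc = 0;
    if (rc != ERR_ALLOC_FAILED) return -1;
    int aliased = dst.ticket == src.ticket || dst.peer_id == src.peer_id;
    if (!aliased) session_free(&dst);                  /* must be safe on the fixed path */
    return aliased;
}
```

On the buggy path the driver deliberately does not free dst, because doing so would be exactly the double free the advisory describes; on the fixed path the extra session_free() is a no-op.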
Please cleanup, thanks!
(In reply to John Helmert III from comment #4)
> Please cleanup, thanks!

clean up done
Thanks!
CVE-2021-43666 (https://github.com/ARMmbed/mbedtls/issues/5136): A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.
GLSA request filed.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=f524f5fa47d9d739280d4530623a93084918da39

commit f524f5fa47d9d739280d4530623a93084918da39
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-01-11 05:19:06 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-01-11 05:22:06 +0000

    [ GLSA 202301-08 ] Mbed TLS: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/730752
    Bug: https://bugs.gentoo.org/740108
    Bug: https://bugs.gentoo.org/764317
    Bug: https://bugs.gentoo.org/778254
    Bug: https://bugs.gentoo.org/801376
    Bug: https://bugs.gentoo.org/829660
    Bug: https://bugs.gentoo.org/857813
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202301-08.xml | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)
GLSA released, all done!