CVE-2024-23170 Timing side channel in private key RSA operations. Mbed TLS is vulnerable to a timing side channel in private key RSA operations. This side channel could be sufficient for an attacker to recover the plaintext. A local attacker or a remote attacker who is close to the victim on the network might have precise enough timing measurements to exploit this. It requires the attacker to send a large number of messages for decryption. https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/ CVE-2024-23775 Buffer overflow in mbedtls_x509_set_extension(). When writing x509 extensions we failed to validate inputs passed in to mbedtls_x509_set_extension(), which could result in an integer overflow, causing a zero-length buffer to be allocated to hold the extension. The extension would then be copied into the buffer, causing a heap buffer overflow. https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/ Resolution: update net-libs/mbedtls to 2.28.7 and 3.5.2.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8854f3a3ba8804ac498d25fa3ba419215b18d352 commit 8854f3a3ba8804ac498d25fa3ba419215b18d352 Author: Azamat H. Hackimov <azamat.hackimov@gmail.com> AuthorDate: 2024-01-29 17:48:33 +0000 Commit: Yixun Lan <dlan@gentoo.org> CommitDate: 2024-01-31 09:37:45 +0000 net-libs/mbedtls: drop 2.28.6, 3.5.1 Bug: https://bugs.gentoo.org/923279 Closes: https://github.com/gentoo/gentoo/pull/35079 Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com> Signed-off-by: Yixun Lan <dlan@gentoo.org> net-libs/mbedtls/Manifest | 2 - net-libs/mbedtls/mbedtls-2.28.6.ebuild | 104 --------------------------------- net-libs/mbedtls/mbedtls-3.5.1.ebuild | 96 ------------------------------ 3 files changed, 202 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a9ee81cf0e4c6b4df223fff5732fba83a019e398 commit a9ee81cf0e4c6b4df223fff5732fba83a019e398 Author: Azamat H. Hackimov <azamat.hackimov@gmail.com> AuthorDate: 2024-01-29 17:47:16 +0000 Commit: Yixun Lan <dlan@gentoo.org> CommitDate: 2024-01-31 09:35:52 +0000 net-libs/mbedtls: add 2.28.7, 3.5.2 Fixes CVE-2024-23170, CVE-2024-23775 issues. Bug: https://bugs.gentoo.org/923279 Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com> Signed-off-by: Yixun Lan <dlan@gentoo.org> net-libs/mbedtls/Manifest | 2 + net-libs/mbedtls/mbedtls-2.28.7.ebuild | 104 +++++++++++++++++++++++++++++++++ net-libs/mbedtls/mbedtls-3.5.2.ebuild | 96 ++++++++++++++++++++++++++++++ net-libs/mbedtls/metadata.xml | 1 + 4 files changed, 203 insertions(+)
since this is a security bug, please suggest new candidate for fast stabilization, I'd assume net-libs/mbedtls-2.28.7 ? thanks
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=d21ab1340ca6819c7fd7091b0fd62ce433aa6969 commit d21ab1340ca6819c7fd7091b0fd62ce433aa6969 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-09-22 07:17:18 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-09-22 07:17:27 +0000 [ GLSA 202409-14 ] Mbed TLS: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/886001 Bug: https://bugs.gentoo.org/923279 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202409-14.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+)
