Summary: | <net-libs/mbedtls-{2.16.7,2.23.0}: Multiple vulnerabilities (CVE-2020-{36421,36422,36423}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ajak, blueness |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/17764 | ||
Whiteboard: | B4 [glsa+ cve] | ||
Package list: |
net-libs/mbedtls-2.16.7-r1 amd64 arm64 ppc64 x86
net-libs/mbedtls-2.23.0-r1 amd64 arm64 ppc64 x86
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 740108 |
Description
Sam James
![]() ![]() ![]() ![]() Let us know when ready to stable, thanks! (In reply to Sam James (sec padawan) from comment #1) > Let us know when ready to stable, thanks! They should be ready. KEYWORDS="amd64 arm arm64 ppc ppc64 x86" (In reply to Anthony Basile from comment #2) > (In reply to Sam James (sec padawan) from comment #1) > > Let us know when ready to stable, thanks! > > They should be ready. > > KEYWORDS="amd64 arm arm64 ppc ppc64 x86" Thanks! ppc stable arm stable amd64, ppc64, x86: ping arm64 stable ppc64 stable x86 stable amd64 stable ---- Please cleanup. GLSA vote: yes Ping The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2eec5b536cc676a688ff316087a71c31d4ffe303 commit 2eec5b536cc676a688ff316087a71c31d4ffe303 Author: John Helmert III <jchelmert3@posteo.net> AuthorDate: 2020-10-04 02:12:25 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-10-04 14:00:01 +0000 net-libs/mbedtls: security cleanup Bug: https://bugs.gentoo.org/730752 Package-Manager: Portage-3.0.8, Repoman-3.0.1 Signed-off-by: John Helmert III <jchelmert3@posteo.net> Closes: https://github.com/gentoo/gentoo/pull/17764 Signed-off-by: Sam James <sam@gentoo.org> net-libs/mbedtls/Manifest | 2 - net-libs/mbedtls/mbedtls-2.16.6.ebuild | 94 ------------------------------- net-libs/mbedtls/mbedtls-2.22.0-r1.ebuild | 94 ------------------------------- 3 files changed, 190 deletions(-) Unable to check for sanity:
> no match for package: net-libs/mbedtls-2.16.7-r1
Unable to check for sanity:
> no match for package: net-libs/mbedtls-2.16.7-r1
CVEs requested for these. (In reply to Sam James from comment #0) > Release notes: > * 2.16.7: https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.7 > * 2.23.0: https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.23.0 > > "Fix a side channel vulnerability in modular exponentiation that could > reveal an RSA private key used in a secure enclave. Noticed by Sangho Lee, > Ming-Wei Shih, Prasun Gera, Taesoo Kim and Hyesoon Kim (Georgia Institute of > Technology); and Marcus Peinado (Microsoft Research). Reported by Raoul > Strackx (Fortanix) in 3394. CVE-2020-37421 > Fix side channel in mbedtls_ecp_check_pub_priv() and > mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a private > key that didn't include the uncompressed public key), as well as > mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL > f_rng argument. An attacker with access to precise enough timing and memory > access information (typically an untrusted operating system attacking a > secure enclave) could fully recover the ECC private key. Found and reported > by Alejandro Cabrera Aldaya and Billy Brumley. CVE-2020-36422 > Fix issue in Lucky 13 counter-measure that could make it ineffective > when hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT > macros). This would cause the original Lucky 13 attack to be possible in > those configurations, allowing an active network attacker to recover > plaintext after repeated timing measurements under some conditions. Reported > and fix suggested by Luc Perneel in 3246." CVE-2020-36423 > See > https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- > advisory-2020-07 for details on the first vulnerability. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2aa8d23c8600f65ddf12a27696c2b4b99babbd79 commit 2aa8d23c8600f65ddf12a27696c2b4b99babbd79 Author: John Helmert III <ajak@gentoo.org> AuthorDate: 2022-08-11 03:50:22 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-11 03:50:22 +0000 profiles: last rite app-admin/logcheck Bug: https://bugs.gentoo.org/730752 Signed-off-by: John Helmert III <ajak@gentoo.org> profiles/package.mask | 5 +++++ 1 file changed, 5 insertions(+) (In reply to Larry the Git Cow from comment #18) > The bug has been referenced in the following commit(s): > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=2aa8d23c8600f65ddf12a27696c2b4b99babbd79 > > commit 2aa8d23c8600f65ddf12a27696c2b4b99babbd79 > Author: John Helmert III <ajak@gentoo.org> > AuthorDate: 2022-08-11 03:50:22 +0000 > Commit: John Helmert III <ajak@gentoo.org> > CommitDate: 2022-08-11 03:50:22 +0000 > > profiles: last rite app-admin/logcheck > > Bug: https://bugs.gentoo.org/730752 > Signed-off-by: John Helmert III <ajak@gentoo.org> > > profiles/package.mask | 5 +++++ > 1 file changed, 5 insertions(+) Sorry, wrong bug GLSA request filed. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=f524f5fa47d9d739280d4530623a93084918da39 commit f524f5fa47d9d739280d4530623a93084918da39 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-01-11 05:19:06 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2023-01-11 05:22:06 +0000 [ GLSA 202301-08 ] Mbed TLS: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/730752 Bug: https://bugs.gentoo.org/740108 Bug: https://bugs.gentoo.org/764317 Bug: https://bugs.gentoo.org/778254 Bug: https://bugs.gentoo.org/801376 Bug: https://bugs.gentoo.org/829660 Bug: https://bugs.gentoo.org/857813 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202301-08.xml | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) GLSA released, all done! |