========================================================================
Summary
========================================================================

In order to achieve remote code execution against the vulnerabilities that we recently discovered in OpenSMTPD (CVE-2015-7687), a memory leak is needed. Because we could not find one in OpenSMTPD itself, we started to review the malloc()s and free()s of its libraries, and eventually found a memory leak in LibreSSL's OBJ_obj2txt() function; we then realized that this function also contains a buffer overflow (an off-by-one, usually stack-based).

The vulnerable function OBJ_obj2txt() is reachable through X509_NAME_oneline() and d2i_X509(), which is called automatically to decode the X.509 certificates exchanged during an SSL handshake (both client-side, unless an anonymous mode is used, and server-side, if client authentication is requested).

These vulnerabilities affect all LibreSSL versions, including LibreSSL 2.0.0 (the first public release) and LibreSSL 2.3.0 (the latest release at the time of writing). OpenSSL is not affected.

[...]

This off-by-one buffer overflow allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code. However, when triggered through X509_NAME_oneline() (and therefore d2i_X509()), this buffer overflow is stack-based and probably not exploitable on OpenBSD x86, where it appears to always smash the stack canary.
To answer ago's questions from the ${URL} followup:
All released versions up to 2.3.0 are affected.
The commits which fix the memory leak and buffer overflow are presumably:
https://github.com/libressl-portable/openbsd/commit/ea13bdff130f93ab673b45fc299e56a4c5a821e4
https://github.com/libressl-portable/openbsd/commit/f292734cabfd94223388c7a59ed940e850b26649
Plus some more which appear to be related, but do not directly fix any security vulnerability in that CVE.
(In reply to Chí-Thanh Christopher Nguyễn from comment #1)
> To answer ago's questions from the ${URL} followup:
> All released versions up to 2.3.0 are affected.

That's not entirely correct, because it is fixed in 2.2.4, which is the stable branch.
http://ftp.openbsd.org/pub/OpenBSD/patches/5.8/common/007_obj2txt.patch.sig
https://github.com/libressl-portable/portable/blob/v2.2.4/ChangeLog#L35
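A version-triage check built from the facts stated in this thread (every release up to 2.3.0 affected, the 2.2 stable branch fixed from 2.2.4). This is an added example, not code from the bug report or from LibreSSL; the `openssl version` banner format and the handling of releases newer than 2.3.0 (which the thread does not cover) are assumptions.

```python
import re
import subprocess
from typing import Optional, Tuple

# Facts from this bug thread: all LibreSSL releases up to 2.3.0 carry the
# OBJ_obj2txt() memory leak and off-by-one, except the 2.2 stable branch,
# which has the fix from 2.2.4 onward. OpenSSL is not affected.
FIXED_STABLE = (2, 2, 4)
LAST_AFFECTED_RELEASE = (2, 3, 0)


def parse_libressl_version(banner: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) from an `openssl version` banner.

    Returns None when the banner is not LibreSSL's (assumed format:
    'LibreSSL X.Y.Z'); an OpenSSL banner therefore yields None.
    """
    m = re.match(r"\s*LibreSSL\s+(\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def obj2txt_status(banner: str) -> str:
    """Classify a version banner against the thread's affected/fixed facts."""
    v = parse_libressl_version(banner)
    if v is None:
        return "not-libressl"        # OpenSSL or unrecognised: not affected
    if v[:2] == (2, 2):
        # 2.2 is the stable branch; 2.2.4 backported the fix.
        return "fixed" if v >= FIXED_STABLE else "affected"
    if v <= LAST_AFFECTED_RELEASE:
        return "affected"            # 2.0.0 .. 2.3.0 (excluding fixed 2.2.x)
    # Newer than anything this thread discusses; assumption: do not guess,
    # consult the upstream ChangeLog for the fix commits listed above.
    return "check-changelog"


def local_status() -> str:
    """Run the installed `openssl version` and classify its banner."""
    out = subprocess.run(["openssl", "version"], capture_output=True,
                         text=True, check=False).stdout
    return obj2txt_status(out)
```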
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0171d63fb6075caf0db45f1d26ff18556afb5ab5
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=01b218d46346e441cd768f2f8e985abb14bbb6ab
Package never stabilized.