Bug 829660 (CVE-2021-43666, CVE-2021-44732, CVE-2021-45450) - <net-libs/mbedtls-{2.16.12,2.28.0}: multiple vulnerabilities
Summary: <net-libs/mbedtls-{2.16.12,2.28.0}: multiple vulnerabilities
Status: IN_PROGRESS
Alias: CVE-2021-43666, CVE-2021-44732, CVE-2021-45450
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa?]
Keywords:
Depends on: 829713
Blocks:
Reported: 2021-12-19 22:15 UTC by John Helmert III
Modified: 2022-03-24 21:36 UTC

See Also:
Package list:
Runtime testing required: ---

Description John Helmert III gentoo-dev Security 2021-12-19 22:15:11 UTC
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12

"Security
   * Zeroize several intermediate variables used to calculate the expected
     value when verifying a MAC or AEAD tag. This hardens the library in
     case the value leaks through a memory disclosure vulnerability. For
     example, a memory disclosure vulnerability could have allowed a
     man-in-the-middle to inject fake ciphertext into a DTLS connection.
   * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
     from the output buffer. This fixes a potential policy bypass or decryption
     oracle vulnerability if the output buffer is in memory that is shared with
     an untrusted application.
   * Fix a double-free that happened after mbedtls_ssl_set_session() or
     mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
     (out of memory). After that, calling mbedtls_ssl_session_free()
     and mbedtls_ssl_free() would cause an internal session buffer to
     be free()'d twice."

Please bump to 2.16.12 and 2.28.0.
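
The first changelog item quoted above (wiping the intermediate "expected value" after a MAC or AEAD tag check) can be sketched as follows. This is an added example, not code from Mbed TLS or from this bug report; `secure_zeroize`, `toy_tag`, `ct_differs` and `verify_tag` are hypothetical names, and the FNV-based tag is a constructed stand-in, not a real MAC.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TAG_LEN 8

/* Wipe that the compiler may not optimise away: the call goes through a
 * volatile function pointer, so it cannot be proven dead and removed. */
static void *(*const volatile wipe_fn)(void *, int, size_t) = memset;
static void secure_zeroize(void *buf, size_t len)
{
    if (len > 0)
        wipe_fn(buf, 0, len);
}

/* Stand-in keyed tag (FNV-1a over key, then message). NOT a secure MAC;
 * it only gives the example a secret-dependent value to protect. */
static void toy_tag(const uint8_t *key, size_t klen,
                    const uint8_t *msg, size_t mlen, uint8_t out[TAG_LEN])
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < klen; i++) { h ^= key[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < mlen; i++) { h ^= msg[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < TAG_LEN; i++) out[i] = (uint8_t)(h >> (8 * i));
}

/* Constant-time comparison: no early exit on the first differing byte. */
static int ct_differs(const uint8_t *a, const uint8_t *b, size_t n)
{
    volatile uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff != 0;
}

/* Returns 0 if `tag` is valid, -1 otherwise. `expected` is scratch space;
 * the caller passes it in only so the wipe can be observed from outside. */
int verify_tag(const uint8_t *key, size_t klen, const uint8_t *msg, size_t mlen,
               const uint8_t tag[TAG_LEN], uint8_t expected[TAG_LEN])
{
    toy_tag(key, klen, msg, mlen, expected);
    int bad = ct_differs(expected, tag, TAG_LEN);
    /* Wipe on both paths: on rejection the buffer holds the correct tag. */
    secure_zeroize(expected, TAG_LEN);
    return bad ? -1 : 0;
}
```

The wipe matters most on the rejection path: that is where the scratch buffer contains the tag a forger would need for the message just rejected.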
Comment 1 Anthony Basile gentoo-dev 2021-12-20 13:58:52 UTC
I just added 2.16.12, 2.28.0 and 3.1.0.  I did preliminary testing and they are ready for rapid stabilization.
Comment 2 John Helmert III gentoo-dev Security 2021-12-20 20:30:23 UTC
Thank you!
Comment 3 John Helmert III gentoo-dev Security 2021-12-21 07:21:14 UTC
(In reply to John Helmert III from comment #0)
> https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12
> https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
> https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12
> 
> "Security
>    * Zeroize several intermediate variables used to calculate the expected
>      value when verifying a MAC or AEAD tag. This hardens the library in
>      case the value leaks through a memory disclosure vulnerability. For
>      example, a memory disclosure vulnerability could have allowed a
>      man-in-the-middle to inject fake ciphertext into a DTLS connection.
>    * In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
>      from the output buffer. This fixes a potential policy bypass or decryption
>      oracle vulnerability if the output buffer is in memory that is shared with
>      an untrusted application.

CVE-2021-45450

>    * Fix a double-free that happened after mbedtls_ssl_set_session() or
>      mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
>      (out of memory). After that, calling mbedtls_ssl_session_free()
>      and mbedtls_ssl_free() would cause an internal session buffer to
>      be free()'d twice."
> 
> Please bump to 2.16.12 and 2.28.0.
Comment 4 John Helmert III gentoo-dev Security 2021-12-22 20:26:46 UTC
Please clean up, thanks!
Comment 5 Anthony Basile gentoo-dev 2022-01-15 22:01:07 UTC
(In reply to John Helmert III from comment #4)
> Please clean up, thanks!

Clean up done.
Comment 6 John Helmert III gentoo-dev Security 2022-01-15 22:16:37 UTC
Thanks!
Comment 7 John Helmert III gentoo-dev Security 2022-03-24 21:36:19 UTC
CVE-2021-43666 (https://github.com/ARMmbed/mbedtls/issues/5136):

A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.