Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 886001 (CVE-2022-46392, CVE-2022-46393, CVE-2023-43615, CVE-2023-45199) - <net-libs/mbedtls-{2.28.5,3.5.0}: multiple vulnerabilties
Summary: <net-libs/mbedtls-{2.28.5,3.5.0}: multiple vulnerabilties
Status: RESOLVED FIXED
Alias: CVE-2022-46392, CVE-2022-46393, CVE-2023-43615, CVE-2023-45199
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: https://github.com/Mbed-TLS/mbedtls/r...
Whiteboard: B3 [glsa+]
Keywords: PullRequest
Depends on: 916397
Blocks:
  Show dependency tree
 
Reported: 2022-12-14 23:29 UTC by John Helmert III
Modified: 2024-09-22 07:18 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-12-14 23:29:22 UTC
"Security
   * Fix potential heap buffer overread and overwrite in DTLS if
     MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
     MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
   * An adversary with access to precise enough information about memory
     accesses (typically, an untrusted operating system attacking a secure
     enclave) could recover an RSA private key after observing the victim
     performing a single private-key operation if the window size used for the
     exponentiation was 3 or smaller. Found and reported by Zili KOU,
     Wenjian HE, Sharad Sinha, and Wei ZHANG. See "Cache Side-channel Attacks
     and Defenses of the Sliding Window Algorithm in TEEs" - Design, Automation
     and Test in Europe 2023."

Please bump to 2.28.2.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-12-17 21:43:25 UTC
Thanks for getting CVEs, whoever did it \o/
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-10-08 05:15:54 UTC
I see some others looking at https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-2.28/ChangeLog while bumping to 2.28.5..

2.28.3 (shouldn't affect us):
"""
Security
   * MBEDTLS_AESNI_C, which is enabled by default, was silently ignored on
     builds that couldn't compile the GCC-style assembly implementation
     (most notably builds with Visual Studio), leaving them vulnerable to
     timing side-channel attacks. There is now an intrinsics-based AES-NI
     implementation as a fallback for when the assembly one cannot be used.
"""

2.38.5:
"""
Security
   * Developers using mbedtls_pkcs5_pbes2() or mbedtls_pkcs12_pbe() should
     review the size of the output buffer passed to this function, and note
     that the output after decryption may include CBC padding. Consider moving
     to the new functions mbedtls_pkcs5_pbes2_ext() or mbedtls_pkcs12_pbe_ext()
     which checks for overflow of the output buffer and reports the actual
     length of the output.
   * Improve padding calculations in CBC decryption, NIST key unwrapping and
     RSA OAEP decryption. With the previous implementation, some compilers
     (notably recent versions of Clang and IAR) could produce non-constant
     time code, which could allow a padding oracle attack if the attacker
     has access to precise timing measurements.
   * Fix a buffer overread when parsing short TLS application data records in
     ARC4 or null-cipher cipher suites. Credit to OSS-Fuzz.
"""
Comment 3 Larry the Git Cow gentoo-dev 2023-10-08 05:33:17 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f00b9e572f549402d60bed6ff200891ce9ffc1ba

commit f00b9e572f549402d60bed6ff200891ce9ffc1ba
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2023-10-08 05:16:13 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-10-08 05:16:13 +0000

    net-libs/mbedtls: add 2.28.5
    
    Bug: https://bugs.gentoo.org/886001
    Signed-off-by: Sam James <sam@gentoo.org>

 net-libs/mbedtls/Manifest              |   1 +
 net-libs/mbedtls/mbedtls-2.28.5.ebuild | 109 +++++++++++++++++++++++++++++++++
 2 files changed, 110 insertions(+)
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-26 22:37:31 UTC
CVE-2023-45199 (https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-2/):

Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.

CVE-2023-43615 (https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/):

Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
Comment 5 Larry the Git Cow gentoo-dev 2024-01-14 04:05:39 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e2e3b903e7752dc31c1ace3843a505c1f331d831

commit e2e3b903e7752dc31c1ace3843a505c1f331d831
Author:     Azamat H. Hackimov <azamat.hackimov@gmail.com>
AuthorDate: 2024-01-07 11:02:32 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-01-14 04:01:11 +0000

    net-libs/mbedtls: drop 2.28.1, 3.2.1
    
    Remove volurnable versions.
    
    Bug: https://bugs.gentoo.org/886001
    
    Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 net-libs/mbedtls/Manifest              |   2 -
 net-libs/mbedtls/mbedtls-2.28.1.ebuild | 102 ---------------------------------
 net-libs/mbedtls/mbedtls-3.2.1.ebuild  |  96 -------------------------------
 3 files changed, 200 deletions(-)
Comment 6 Larry the Git Cow gentoo-dev 2024-09-22 07:17:29 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=d21ab1340ca6819c7fd7091b0fd62ce433aa6969

commit d21ab1340ca6819c7fd7091b0fd62ce433aa6969
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-09-22 07:17:18 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-09-22 07:17:27 +0000

    [ GLSA 202409-14 ] Mbed TLS: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/886001
    Bug: https://bugs.gentoo.org/923279
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202409-14.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)