Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
openssl-1_0_0.31472
openssl-CVE-2023-3446.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2023-3446.patch of Package openssl-1_0_0.31472
From 8780a896543a654e757db1b9396383f9d8095528 Mon Sep 17 00:00:00 2001 From: Matt Caswell <matt@openssl.org> Date: Thu, 6 Jul 2023 16:36:35 +0100 Subject: [PATCH] Fix DH_check() excessive time with over sized modulus The DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it is excessively large. There is already a maximum DH modulus size (10,000 bits) over which OpenSSL will not generate or derive keys. DH_check() will however still perform various tests for validity on such a large modulus. We introduce a new maximum (32,768) over which DH_check() will just fail. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). CVE-2023-3446 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21452) --- crypto/dh/dh_check.c | 6 ++++++ crypto/dh/dh_err.c | 3 ++- crypto/err/openssl.txt | 3 ++- include/openssl/dh.h | 3 +++ include/openssl/dherr.h | 3 ++- 5 files changed, 15 insertions(+), 3 deletions(-) Index: openssl-1.0.2u/crypto/dh/dh_check.c =================================================================== --- openssl-1.0.2u.orig/crypto/dh/dh_check.c +++ openssl-1.0.2u/crypto/dh/dh_check.c @@ -90,6 +90,12 @@ int DH_check(const DH *dh, int *ret) if (FIPS_mode()) /* we allow only well-known params */ return 1; + /* Don't do any checks at all with an excessively large modulus */ + if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) { + DHerr(DH_F_DH_CHECK, DH_R_MODULUS_TOO_LARGE); + return 0; + } + ctx = BN_CTX_new(); if (ctx == NULL) goto err; Index: openssl-1.0.2u/crypto/dh/dh_err.c =================================================================== --- openssl-1.0.2u.orig/crypto/dh/dh_err.c +++ openssl-1.0.2u/crypto/dh/dh_err.c @@ -73,6 +73,7 @@ static ERR_STRING_DATA DH_str_functs[] = {ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"}, {ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"}, {ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"}, + {ERR_FUNC(DH_F_DH_CHECK), "DH_check"}, {ERR_FUNC(DH_F_DH_CMS_DECRYPT), "DH_CMS_DECRYPT"}, {ERR_FUNC(DH_F_DH_CMS_SET_PEERKEY), "DH_CMS_SET_PEERKEY"}, {ERR_FUNC(DH_F_DH_CMS_SET_SHARED_INFO), "DH_CMS_SET_SHARED_INFO"}, Index: openssl-1.0.2u/crypto/dh/dh.h =================================================================== --- openssl-1.0.2u.orig/crypto/dh/dh.h +++ openssl-1.0.2u/crypto/dh/dh.h @@ -76,6 +76,9 @@ # ifndef OPENSSL_DH_MAX_MODULUS_BITS # define OPENSSL_DH_MAX_MODULUS_BITS 10000 # endif +# ifndef OPENSSL_DH_CHECK_MAX_MODULUS_BITS +# define OPENSSL_DH_CHECK_MAX_MODULUS_BITS 32768 +# endif # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN 2048 @@ -396,6 +399,7 @@ void ERR_load_DH_strings(void); # define DH_F_COMPUTE_KEY 102 # define DH_F_DHPARAMS_PRINT_FP 101 # define DH_F_DH_BUILTIN_GENPARAMS 106 +# define DH_F_DH_CHECK 126 # define DH_F_DH_CMS_DECRYPT 117 # define DH_F_DH_CMS_SET_PEERKEY 118 # define DH_F_DH_CMS_SET_SHARED_INFO 119
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor