|
============================================================= OpenSSL < 0.9.8l and previous versions Multiple Vulnerability =============================================================
SecurityRisk : High Security Risk High (About) Arrow Remote Exploit : Yes Arrow Local Exploit : No Arrow Victim interaction required : No Arrow Exploit Available : Yes Arrow Credit : Bodo Moeller Arrow Published : 09.03.2010
Arrow Affected Software : openssl:openssl:0.9.8l and previous versions openssl:openssl:0.9.8k openssl:openssl:0.9.8j openssl:openssl:0.9.8i openssl:openssl:0.9.8h openssl:openssl:0.9.8g openssl:openssl:0.9.8f openssl:openssl:0.9.8e openssl:openssl:0.9.8d openssl:openssl:0.9.8c openssl:openssl:0.9.8b openssl:openssl:0.9.8a openssl:openssl:0.9.8
OpenSSL CVS Repository http://cvs.openssl.org/
___________________________________________________________________________ _
Server: cvs.openssl.org Name: Bodo Moeller Root: /v/openssl/cvs Email: bodo@openssl.org Module: openssl Date: 23-Feb-2010 11:36:41 Branch: OpenSSL_0_9_8-stable Handle: 2010022310363902
Modified files: (Branch: OpenSSL_0_9_8-stable) openssl CHANGES openssl/crypto/bn bn_div.c bn_gf2m.c openssl/crypto/ec ec2_smpl.c openssl/engines e_ubsec.c
Log: Always check bn_wexpend() return values for failure (CVE-2009-3245).
(The CHANGES entry covers the change from PR #2111 as well, submitted by Martin Olsson.)
Submitted by: Neel Mehta
Summary: Revision Changes Path 1.1238.2.189+3 -0 openssl/CHANGES 1.37.2.9 +1 -1 openssl/crypto/bn/bn_div.c 1.18.2.3 +2 -1 openssl/crypto/bn/bn_gf2m.c 1.14.2.2 +6 -4 openssl/crypto/ec/ec2_smpl.c 1.13.2.4 +2 -2 openssl/engines/e_ubsec.c
___________________________________________________________________________ _
patch -p0 <<'@@ .' Index: openssl/CHANGES
=========================================================================== = $ cvs diff -u -r1.1238.2.188 -r1.1238.2.189 CHANGES --- openssl/CHANGES 19 Feb 2010 18:25:37 -0000 1.1238.2.188 +++ openssl/CHANGES 23 Feb 2010 10:36:39 -0000 1.1238.2.189 @@ -4,6 +4,9 @@
Changes between 0.9.8l and 0.9.8m [xx XXX xxxx]
+ *) Always check bn_wexpend() return values for failure. (CVE-2009-3245) + [Martin Olsson, Neel Mehta] + *) Fix X509_STORE locking: Every 'objs' access requires a lock (to accommodate for stack sorting, always a write lock!). [Bodo Moeller] @@ . patch -p0 <<'@@ .' Index: openssl/crypto/bn/bn_div.c
=========================================================================== = $ cvs diff -u -r1.37.2.8 -r1.37.2.9 bn_div.c --- openssl/crypto/bn/bn_div.c 17 Jun 2009 11:26:39 -0000 1.37.2.8 +++ openssl/crypto/bn/bn_div.c 23 Feb 2010 10:36:41 -0000 1.37.2.9 @@ -102,7 +102,7 @@ /* The next 2 are needed so we can do a dv->d<A NAME="-0"></A>[0]|=1 later * since BN_lshift1 will only work once there is a value :-) */ BN_zero(dv); - bn_wexpand(dv,1); + if(bn_wexpand(dv,1) == NULL) goto end; dv->top=1;
if (!BN_lshift(D,D,nm-nd)) goto end; @@ . patch -p0 <<'@@ .' Index: openssl/crypto/bn/bn_gf2m.c
=========================================================================== = $ cvs diff -u -r1.18.2.2 -r1.18.2.3 bn_gf2m.c --- openssl/crypto/bn/bn_gf2m.c 23 Jun 2008 20:46:28 -0000 1.18.2.2 +++ openssl/crypto/bn/bn_gf2m.c 23 Feb 2010 10:36:41 -0000 1.18.2.3 @@ -294,7 +294,8 @@ if (a->top < b->top) { at = b; bt = a; } else { at = a; bt = b; }
- bn_wexpand(r, at->top); + if(bn_wexpand(r, at->top) == NULL) + return 0;
for (i = 0; i < bt->top; i++) { @@ . patch -p0 <<'@@ .' Index: openssl/crypto/ec/ec2_smpl.c
=========================================================================== = $ cvs diff -u -r1.14.2.1 -r1.14.2.2 ec2_smpl.c --- openssl/crypto/ec/ec2_smpl.c 13 Mar 2006 23:12:07 -0000 1.14.2.1 +++ openssl/crypto/ec/ec2_smpl.c 23 Feb 2010 10:36:41 -0000 1.14.2.2 @@ -174,8 +174,10 @@ dest->poly<A NAME="-2"></A>[2] = src->poly[2]; dest->poly<A NAME="-3"></A>[3] = src->poly[3]; dest->poly<A NAME="-4"></A>[4] = src->poly[4]; - bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2); - bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2); + if(bn_wexpand(&dest->a, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) + return 0; + if(bn_wexpand(&dest->b, (int)(dest->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) + return 0; for (i = dest->a.top; i < dest->a.dmax; i++) dest->a.d[i] = 0; for (i = dest->b.top; i < dest->b.dmax; i++) dest->b.d[i] = 0; return 1; @@ -199,12 +201,12 @@
/* group->a */ if (!BN_GF2m_mod_arr(&group->a, a, group->poly)) goto err; - bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2); + if(bn_wexpand(&group->a, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err; for (i = group->a.top; i < group->a.dmax; i++) group->a.d[i] = 0;
/* group->b */ if (!BN_GF2m_mod_arr(&group->b, b, group->poly)) goto err; - bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2); + if(bn_wexpand(&group->b, (int)(group->poly[0] + BN_BITS2 - 1) / BN_BITS2) == NULL) goto err; for (i = group->b.top; i < group->b.dmax; i++) group->b.d[i] = 0;
ret = 1; @@ . patch -p0 <<'@@ .' Index: openssl/engines/e_ubsec.c
=========================================================================== = $ cvs diff -u -r1.13.2.3 -r1.13.2.4 e_ubsec.c --- openssl/engines/e_ubsec.c 6 Sep 2007 12:43:53 -0000 1.13.2.3 +++ openssl/engines/e_ubsec.c 23 Feb 2010 10:36:41 -0000 1.13.2.4 @@ -934,7 +934,7 @@ priv_key = BN_new(); if (priv_key == NULL) goto err; priv_key_len = BN_num_bits(dh->p); - bn_wexpand(priv_key, dh->p->top); + if(bn_wexpand(priv_key, dh->p->top) == NULL) goto err; do if (!BN_rand_range(priv_key, dh->p)) goto err; while (BN_is_zero(priv_key)); @@ -949,7 +949,7 @@ { pub_key = BN_new(); pub_key_len = BN_num_bits(dh->p); - bn_wexpand(pub_key, dh->p->top); + if(bn_wexpand(pub_key, dh->p->top) == NULL) goto err; if(pub_key == NULL) goto err; } else @@ .
|
|
|