From 9e5b6ad6cec77c27b4225cdb1ad916db5969cf82 Mon Sep 17 00:00:00 2001 From: Virendra Thakur Date: Fri, 21 Jan 2022 09:46:24 +0530 Subject: strongswan: Fix for CVE-2021-41990 and CVE-2021-41991 Add patch to fix CVE-2021-41990 and CVE-2021-41991 Signed-off-by: virendra thakur Signed-off-by: Armin Kuster --- .../strongswan/files/CVE-2021-41990.patch | 62 ++++++++++++++++++++++ .../strongswan/files/CVE-2021-41991.patch | 41 ++++++++++++++ .../recipes-support/strongswan/strongswan_5.8.4.bb | 2 + 3 files changed, 105 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2021-41990.patch create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2021-41991.patch (limited to 'meta-networking/recipes-support') diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2021-41990.patch b/meta-networking/recipes-support/strongswan/files/CVE-2021-41990.patch new file mode 100644 index 0000000000..b7118ba1fb --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2021-41990.patch @@ -0,0 +1,62 @@ +From 423a5d56274a1d343e0d2107dfc4fbf0df2dcca5 Mon Sep 17 00:00:00 2001 +From: Tobias Brunner +Date: Tue, 28 Sep 2021 17:52:08 +0200 +Subject: [PATCH] Reject RSASSA-PSS params with negative salt length + +The `salt_len` member in the struct is of type `ssize_t` because we use +negative values for special automatic salt lengths when generating +signatures. + +Not checking this could lead to an integer overflow. The value is assigned +to the `len` field of a chunk (`size_t`), which is further used in +calculations to check the padding structure and (if that is passed by a +matching crafted signature value) eventually a memcpy() that will result +in a segmentation fault. + +Fixes: a22316520b91 ("signature-params: Add functions to parse/build ASN.1 RSASSA-PSS params") +Fixes: 7d6b81648b2d ("gmp: Add support for RSASSA-PSS signature verification") +Fixes: CVE-2021-41990 + +Upstream-Status: Backport [https://download.strongswan.org/security/CVE-2021-41990] +CVE: CVE-2021-41990 + +Signed-off-by: Virendra Thakur + +--- + src/libstrongswan/credentials/keys/signature_params.c | 6 +++++- + src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c | 2 +- + 2 files changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/libstrongswan/credentials/keys/signature_params.c b/src/libstrongswan/credentials/keys/signature_params.c +index d89bd2c96bb5..837de8443d43 100644 +--- a/src/libstrongswan/credentials/keys/signature_params.c ++++ b/src/libstrongswan/credentials/keys/signature_params.c +@@ -322,7 +322,11 @@ bool rsa_pss_params_parse(chunk_t asn1, int level0, rsa_pss_params_t *params) + case RSASSA_PSS_PARAMS_SALT_LEN: + if (object.len) + { +- params->salt_len = (size_t)asn1_parse_integer_uint64(object); ++ params->salt_len = (ssize_t)asn1_parse_integer_uint64(object); ++ if (params->salt_len < 0) ++ { ++ goto end; ++ } + } + break; + case RSASSA_PSS_PARAMS_TRAILER: +diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c +index f9bd1d314dec..3a775090883e 100644 +--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c ++++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c +@@ -168,7 +168,7 @@ static bool verify_emsa_pss_signature(private_gmp_rsa_public_key_t *this, + int i; + bool success = FALSE; + +- if (!params) ++ if (!params || params->salt_len < 0) + { + return FALSE; + } +-- +2.25.1 + diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2021-41991.patch b/meta-networking/recipes-support/strongswan/files/CVE-2021-41991.patch new file mode 100644 index 0000000000..2d898fa5cf --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2021-41991.patch @@ -0,0 +1,41 @@ +From b667237b3a84f601ef5a707ce8eb861c3a5002d3 Mon Sep 17 00:00:00 2001 +From: Tobias Brunner +Date: Tue, 28 Sep 2021 19:38:22 +0200 +Subject: [PATCH] cert-cache: Prevent crash due to integer overflow/sign change + +random() allocates values in the range [0, RAND_MAX], with RAND_MAX usually +equaling INT_MAX = 2^31-1. Previously, values between 0 and 31 were added +directly to that offset before applying`% CACHE_SIZE` to get an index into +the cache array. If the random value was very high, this resulted in an +integer overflow and a negative index value and, therefore, an out-of-bounds +access of the array and in turn dereferencing invalid pointers when trying +to acquire the read lock. This most likely results in a segmentation fault. + +Fixes: 764e8b2211ce ("reimplemented certificate cache") +Fixes: CVE-2021-41991 + +Upstream-Status: Backport [https://download.strongswan.org/security/CVE-2021-41991] +CVE: CVE-2021-41991 + +Signed-off-by: Virendra Thakur + +--- + src/libstrongswan/credentials/sets/cert_cache.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libstrongswan/credentials/sets/cert_cache.c b/src/libstrongswan/credentials/sets/cert_cache.c +index f1579c60a9bc..ceebb3843725 100644 +--- a/src/libstrongswan/credentials/sets/cert_cache.c ++++ b/src/libstrongswan/credentials/sets/cert_cache.c +@@ -151,7 +151,7 @@ static void cache(private_cert_cache_t *this, + for (try = 0; try < REPLACE_TRIES; try++) + { + /* replace a random relation */ +- offset = random(); ++ offset = random() % CACHE_SIZE; + for (i = 0; i < CACHE_SIZE; i++) + { + rel = &this->relations[(i + offset) % CACHE_SIZE]; +-- +2.25.1 + diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb b/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb index 8a8809243a..b45b8074c4 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb +++ b/meta-networking/recipes-support/strongswan/strongswan_5.8.4.bb @@ -11,6 +11,8 @@ SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ file://fix-funtion-parameter.patch \ file://0001-memory.h-Include-stdint.h-for-uintptr_t.patch \ file://0001-Remove-obsolete-setting-regarding-the-Standard-Outpu.patch \ + file://CVE-2021-41990.patch \ + file://CVE-2021-41991.patch \ " SRC_URI[md5sum] = "0634e7f40591bd3f6770e583c3f27d29" -- cgit 1.2.3-korg