Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
security/openssl: Security update for CVE-2023-0465 & 0466
Security: 425b9538-ce5f-11ed-ade3-d4c9ef517024
- Loading branch information
Showing
4 changed files
with
268 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,108 @@ | ||
| From 8bc232b14624b7af01801d7940b7dec59b3ae47d Mon Sep 17 00:00:00 2001 | ||
| From: Matt Caswell <matt@openssl.org> | ||
| Date: Thu, 23 Mar 2023 15:31:25 +0000 | ||
| Subject: [PATCH] Updated CHANGES and NEWS for CVE-2023-0465 | ||
|
|
||
| Also updated the entries for CVE-2023-0464 | ||
|
|
||
| Related-to: CVE-2023-0465 | ||
|
|
||
| Reviewed-by: Hugo Landau <hlandau@openssl.org> | ||
| Reviewed-by: Tomas Mraz <tomas@openssl.org> | ||
| (Merged from https://github.com/openssl/openssl/pull/20588) | ||
| --- | ||
| CHANGES | 9 ++++++++- | ||
| NEWS | 4 +++- | ||
| 2 files changed, 11 insertions(+), 2 deletions(-) | ||
|
|
||
| diff --git a/CHANGES b/CHANGES | ||
| index 17caf6775bfe..efccf7838e65 100644 | ||
| --- CHANGES.orig | ||
| +++ CHANGES | ||
| @@ -9,12 +9,19 @@ | ||
|
|
||
| Changes between 1.1.1t and 1.1.1u [xx XXX xxxx] | ||
|
|
||
| + *) Fixed an issue where invalid certificate policies in leaf certificates are | ||
| + silently ignored by OpenSSL and other certificate policy checks are skipped | ||
| + for that certificate. A malicious CA could use this to deliberately assert | ||
| + invalid certificate policies in order to circumvent policy checking on the | ||
| + certificate altogether. (CVE-2023-0465) | ||
| + [Matt Caswell] | ||
| + | ||
| *) Limited the number of nodes created in a policy tree to mitigate | ||
| against CVE-2023-0464. The default limit is set to 1000 nodes, which | ||
| should be sufficient for most installations. If required, the limit | ||
| can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build | ||
| time define to a desired maximum number of nodes or zero to allow | ||
| - unlimited growth. | ||
| + unlimited growth. (CVE-2023-0464) | ||
| [Paul Dale] | ||
|
|
||
| Changes between 1.1.1s and 1.1.1t [7 Feb 2023] | ||
| diff --git a/NEWS b/NEWS | ||
| index 8a18516d8609..36a9bb6890bf 100644 | ||
| --- NEWS.orig | ||
| +++ NEWS | ||
| @@ -7,7 +7,9 @@ | ||
|
|
||
| Major changes between OpenSSL 1.1.1t and OpenSSL 1.1.1u [under development] | ||
|
|
||
| - o | ||
| + o Fixed handling of invalid certificate policies in leaf certificates | ||
| + (CVE-2023-0465) | ||
| + o Limited the number of nodes created in a policy tree ([CVE-2023-0464]) | ||
|
|
||
| Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023] | ||
|
|
||
| From b013765abfa80036dc779dd0e50602c57bb3bf95 Mon Sep 17 00:00:00 2001 | ||
| From: Matt Caswell <matt@openssl.org> | ||
| Date: Tue, 7 Mar 2023 16:52:55 +0000 | ||
| Subject: [PATCH] Ensure that EXFLAG_INVALID_POLICY is checked even in leaf | ||
| certs | ||
|
|
||
| Even though we check the leaf cert to confirm it is valid, we | ||
| later ignored the invalid flag and did not notice that the leaf | ||
| cert was bad. | ||
|
|
||
| Fixes: CVE-2023-0465 | ||
|
|
||
| Reviewed-by: Hugo Landau <hlandau@openssl.org> | ||
| Reviewed-by: Tomas Mraz <tomas@openssl.org> | ||
| (Merged from https://github.com/openssl/openssl/pull/20588) | ||
| --- | ||
| crypto/x509/x509_vfy.c | 11 +++++++++-- | ||
| 1 file changed, 9 insertions(+), 2 deletions(-) | ||
|
|
||
| diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c | ||
| index 925fbb541258..1dfe4f9f31a5 100644 | ||
| --- crypto/x509/x509_vfy.c.orig | ||
| +++ crypto/x509/x509_vfy.c | ||
| @@ -1649,18 +1649,25 @@ static int check_policy(X509_STORE_CTX *ctx) | ||
| } | ||
| /* Invalid or inconsistent extensions */ | ||
| if (ret == X509_PCY_TREE_INVALID) { | ||
| - int i; | ||
| + int i, cbcalled = 0; | ||
|
|
||
| /* Locate certificates with bad extensions and notify callback. */ | ||
| - for (i = 1; i < sk_X509_num(ctx->chain); i++) { | ||
| + for (i = 0; i < sk_X509_num(ctx->chain); i++) { | ||
| X509 *x = sk_X509_value(ctx->chain, i); | ||
|
|
||
| if (!(x->ex_flags & EXFLAG_INVALID_POLICY)) | ||
| continue; | ||
| + cbcalled = 1; | ||
| if (!verify_cb_cert(ctx, x, i, | ||
| X509_V_ERR_INVALID_POLICY_EXTENSION)) | ||
| return 0; | ||
| } | ||
| + if (!cbcalled) { | ||
| + /* Should not be able to get here */ | ||
| + X509err(X509_F_CHECK_POLICY, ERR_R_INTERNAL_ERROR); | ||
| + return 0; | ||
| + } | ||
| + /* The callback ignored the error so we return success */ | ||
| return 1; | ||
| } | ||
| if (ret == X509_PCY_TREE_FAILURE) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| From 0d16b7e99aafc0b4a6d729eec65a411a7e025f0a Mon Sep 17 00:00:00 2001 | ||
| From: Tomas Mraz <tomas@openssl.org> | ||
| Date: Tue, 21 Mar 2023 16:15:47 +0100 | ||
| Subject: [PATCH] Fix documentation of X509_VERIFY_PARAM_add0_policy() | ||
|
|
||
| The function was incorrectly documented as enabling policy checking. | ||
|
|
||
| Fixes: CVE-2023-0466 | ||
|
|
||
| Reviewed-by: Matt Caswell <matt@openssl.org> | ||
| Reviewed-by: Paul Dale <pauli@openssl.org> | ||
| (Merged from https://github.com/openssl/openssl/pull/20564) | ||
| --- | ||
| CHANGES | 5 +++++ | ||
| NEWS | 1 + | ||
| doc/man3/X509_VERIFY_PARAM_set_flags.pod | 9 +++++++-- | ||
| 3 files changed, 13 insertions(+), 2 deletions(-) | ||
|
|
||
| diff --git a/CHANGES b/CHANGES | ||
| index efccf7838e65..b19f1429bbb0 100644 | ||
| --- CHANGES.orig | ||
| +++ CHANGES | ||
| @@ -9,6 +9,11 @@ | ||
|
|
||
| Changes between 1.1.1t and 1.1.1u [xx XXX xxxx] | ||
|
|
||
| + *) Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention | ||
| + that it does not enable policy checking. Thanks to | ||
| + David Benjamin for discovering this issue. (CVE-2023-0466) | ||
| + [Tomas Mraz] | ||
| + | ||
| *) Fixed an issue where invalid certificate policies in leaf certificates are | ||
| silently ignored by OpenSSL and other certificate policy checks are skipped | ||
| for that certificate. A malicious CA could use this to deliberately assert | ||
| diff --git a/NEWS b/NEWS | ||
| index 36a9bb6890bf..62615693fab8 100644 | ||
| --- NEWS.orig | ||
| +++ NEWS | ||
| @@ -7,6 +7,7 @@ | ||
|
|
||
| Major changes between OpenSSL 1.1.1t and OpenSSL 1.1.1u [under development] | ||
|
|
||
| + o Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466) | ||
| o Fixed handling of invalid certificate policies in leaf certificates | ||
| (CVE-2023-0465) | ||
| o Limited the number of nodes created in a policy tree ([CVE-2023-0464]) | ||
| diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod | ||
| index f6f304bf7bd0..aa292f9336fc 100644 | ||
| --- doc/man3/X509_VERIFY_PARAM_set_flags.pod.orig | ||
| +++ doc/man3/X509_VERIFY_PARAM_set_flags.pod | ||
| @@ -92,8 +92,9 @@ B<trust>. | ||
| X509_VERIFY_PARAM_set_time() sets the verification time in B<param> to | ||
| B<t>. Normally the current time is used. | ||
|
|
||
| -X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled | ||
| -by default) and adds B<policy> to the acceptable policy set. | ||
| +X509_VERIFY_PARAM_add0_policy() adds B<policy> to the acceptable policy set. | ||
| +Contrary to preexisting documentation of this function it does not enable | ||
| +policy checking. | ||
|
|
||
| X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled | ||
| by default) and sets the acceptable policy set to B<policies>. Any existing | ||
| @@ -377,6 +378,10 @@ and has no effect. | ||
|
|
||
| The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i. | ||
|
|
||
| +The function X509_VERIFY_PARAM_add0_policy() was historically documented as | ||
| +enabling policy checking however the implementation has never done this. | ||
| +The documentation was changed to align with the implementation. | ||
| + | ||
| =head1 COPYRIGHT | ||
|
|
||
| Copyright 2009-2020 The OpenSSL Project Authors. All Rights Reserved. |