Debian Bug report logs -
#1021021
wolfssl: CVE-2022-38152 CVE-2022-38153 CVE-2022-39173
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Felix Lechner <felix.lechner@lease-up.com>
:
Bug#1021021
; Package src:wolfssl
.
(Fri, 30 Sep 2022 15:03:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Mühlenhoff <jmm@inutil.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Felix Lechner <felix.lechner@lease-up.com>
.
(Fri, 30 Sep 2022 15:03:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: wolfssl
X-Debbugs-CC: team@security.debian.org
Severity: grave
Tags: security
Hi,
The following vulnerabilities were published for wolfssl.
CVE-2022-38152[0]:
| An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client
| connects to a wolfSSL server and SSL_clear is called on its session,
| the server crashes with a segmentation fault. This occurs in the
| second session, which is created through TLS session resumption and
| reuses the initial struct WOLFSSL. If the server reuses the previous
| session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL*
| ssl) on it, the next received Client Hello (that resumes the previous
| session) crashes the server. Note that this bug is only triggered when
| resuming sessions using TLS session resumption. Only servers that use
| wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence
| are affected. Furthermore, wolfSSL_clear is part of wolfSSL's
| compatibility layer and is not enabled by default. It is not part of
| wolfSSL's native API.
https://github.com/wolfSSL/wolfssl/pull/5468
CVE-2022-38153[1]:
| An issue was discovered in wolfSSL before 5.5.0 (when --enable-
| session-ticket is used); however, only version 5.3.0 is exploitable.
| Man-in-the-middle attackers or a malicious server can crash TLS 1.2
| clients during a handshake. If an attacker injects a large ticket
| (more than 256 bytes) into a NewSessionTicket message in a TLS 1.2
| handshake, and the client has a non-empty session cache, the session
| cache frees a pointer that points to unallocated memory, causing the
| client to crash with a "free(): invalid pointer" message. NOTE: It is
| likely that this is also exploitable during TLS 1.3 handshakes between
| a client and a malicious server. With TLS 1.3, it is not possible to
| exploit this as a man-in-the-middle.
https://github.com/wolfSSL/wolfssl/pull/5476
CVE-2022-39173[2]:
| In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow
| during a TLS 1.3 handshake. This occurs when an attacker supposedly
| resumes a previous TLS session. During the resumption Client Hello a
| Hello Retry Request must be triggered. Both Client Hellos are required
| to contain a list of duplicate cipher suites to trigger the buffer
| overflow. In total, two Client Hellos have to be sent: one in the
| resumed session, and a second one as a response to a Hello Retry
| Request message.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-38152
https://www.cve.org/CVERecord?id=CVE-2022-38152
[1] https://security-tracker.debian.org/tracker/CVE-2022-38153
https://www.cve.org/CVERecord?id=CVE-2022-38153
[2] https://security-tracker.debian.org/tracker/CVE-2022-39173
https://www.cve.org/CVERecord?id=CVE-2022-39173
Please adjust the affected versions in the BTS as needed.
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Fri, 30 Sep 2022 15:24:10 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sat Oct 1 13:21:53 2022;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.