From c7f0b1991b664668cd5ddeb636705717a8612262 Mon Sep 17 00:00:00 2001 From: steven Date: Mon, 12 Jun 2023 11:07:26 +0800 Subject: [PATCH] fix CVE-2023-2650 (cherry picked from commit 9bbdf61f7080c474fd6645a21293d74cdc407ea2) --- ...e-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch | 65 +++++++++++++++++++ openssl.spec | 6 +- 2 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch diff --git a/backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch b/backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch new file mode 100644 index 0000000..0e6be32 --- /dev/null +++ b/backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch @@ -0,0 +1,65 @@ +From 423a2bc737a908ad0c77bda470b2b59dc879936b Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Fri, 12 May 2023 10:00:13 +0200 +Subject: [PATCH] Restrict the size of OBJECT IDENTIFIERs that OBJ_obj2txt will + translate + +OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical +numeric text form. For gigantic sub-identifiers, this would take a very +long time, the time complexity being O(n^2) where n is the size of that +sub-identifier. + +To mitigate this, a restriction on the size that OBJ_obj2txt() will +translate to canonical numeric text form is added, based on RFC 2578 +(STD 58), which says this: + +> 3.5. OBJECT IDENTIFIER values +> +> An OBJECT IDENTIFIER value is an ordered list of non-negative numbers. +> For the SMIv2, each number in the list is referred to as a sub-identifier, +> there are at most 128 sub-identifiers in a value, and each sub-identifier +> has a maximum value of 2^32-1 (4294967295 decimal). + +Fixes otc/security#96 +Fixes CVE-2023-2650 + +Reviewed-by: Matt Caswell +Reviewed-by: Tomas Mraz +--- + NEWS.md | 4 ++++ + crypto/objects/obj_dat.c | 19 +++++++++++++++++++ + 3 files changed, 50 insertions(+) + +diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c +index 01cde00e98..c0e55197a0 100644 +--- a/crypto/objects/obj_dat.c ++++ b/crypto/objects/obj_dat.c +@@ -443,6 +443,25 @@ int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name) + first = 1; + bl = NULL; + ++ /* ++ * RFC 2578 (STD 58) says this about OBJECT IDENTIFIERs: ++ * ++ * > 3.5. OBJECT IDENTIFIER values ++ * > ++ * > An OBJECT IDENTIFIER value is an ordered list of non-negative ++ * > numbers. For the SMIv2, each number in the list is referred to as a ++ * > sub-identifier, there are at most 128 sub-identifiers in a value, ++ * > and each sub-identifier has a maximum value of 2^32-1 (4294967295 ++ * > decimal). ++ * ++ * So a legitimate OID according to this RFC is at most (32 * 128 / 7), ++ * i.e. 586 bytes long. ++ * ++ * Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5 ++ */ ++ if (len > 586) ++ goto err; ++ + while (len > 0) { + l = 0; + use_bn = 0; +-- +2.27.0 + diff --git a/openssl.spec b/openssl.spec index 14a8fae..df6e118 100644 --- a/openssl.spec +++ b/openssl.spec @@ -2,7 +2,7 @@ Name: openssl Epoch: 1 Version: 3.0.8 -Release: 6 +Release: 7 Summary: Cryptography and SSL/TLS Toolkit License: OpenSSL and SSLeay URL: https://www.openssl.org/ @@ -30,6 +30,7 @@ Patch18: backport-Ensure-that-EXFLAG_INVALID_POLICY-is-checked-even-in.patch Patch19: backport-Generate-some-certificates-with-the-certificatePolic.patch Patch20: backport-Fix-documentation-of-X509_VERIFY_PARAM_add0_policy.patch Patch21: backport-CVE-2023-1255.patch +Patch22: backport-CVE-2023-2650-Restrict-the-size-of-OBJECT-IDENTIFIERs-that-OBJ_obj.patch BuildRequires: gcc gcc-c++ perl make lksctp-tools-devel coreutils util-linux zlib-devel Requires: coreutils %{name}-libs%{?_isa} = %{epoch}:%{version}-%{release} @@ -230,6 +231,9 @@ make test || : %ldconfig_scriptlets libs %changelog +* Mon Jun 12 2023 steven - 1:3.0.8-7 +- fix CVE-2023-2650 + * Wed Apr 26 2023 zcwei - 1:3.0.8-6 - fix CVE-2023-1255 -- Gitee