diff --git a/backport-CVE-2024-41996.patch b/backport-CVE-2024-41996.patch new file mode 100644 index 0000000000000000000000000000000000000000..ffc2cbc6e191a1263269e1225248a399105f8c66 --- /dev/null +++ b/backport-CVE-2024-41996.patch @@ -0,0 +1,40 @@ +From e70e34d857d4003199bcb5d3b52ca8102ccc1b98 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Mon, 5 Aug 2024 17:54:14 +0200 +Subject: [PATCH] dh_kmgmt.c: Avoid expensive public key validation for known + safe-prime groups +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The partial validation is fully sufficient to check the key validity. + +Thanks to Szilárd Pfeiffer for reporting the issue. + +Reviewed-by: Neil Horman +Reviewed-by: Matt Caswell +Reviewed-by: Paul Dale +(Merged from https://github.com/openssl/openssl/pull/25088) +--- + providers/implementations/keymgmt/dh_kmgmt.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c +index 82c3093b122c2..ebdce767102ee 100644 +--- a/providers/implementations/keymgmt/dh_kmgmt.c ++++ b/providers/implementations/keymgmt/dh_kmgmt.c +@@ -388,9 +388,11 @@ static int dh_validate_public(const DH *dh, int checktype) + if (pub_key == NULL) + return 0; + +- /* The partial test is only valid for named group's with q = (p - 1) / 2 */ +- if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK +- && ossl_dh_is_named_safe_prime_group(dh)) ++ /* ++ * The partial test is only valid for named group's with q = (p - 1) / 2 ++ * but for that case it is also fully sufficient to check the key validity. ++ */ ++ if (ossl_dh_is_named_safe_prime_group(dh)) + return ossl_dh_check_pub_key_partial(dh, pub_key, &res); + + return DH_check_pub_key_ex(dh, pub_key); diff --git a/openssl.spec b/openssl.spec index 0846e8915154a53e8251a859a648142af3a809dc..bf4a1dcb9279e5af849c1a014ec72533cf98afad 100755 --- a/openssl.spec +++ b/openssl.spec @@ -2,7 +2,7 @@ Name: openssl Epoch: 1 Version: 3.0.12 -Release: 17 +Release: 18 Summary: Cryptography and SSL/TLS Toolkit License: OpenSSL and SSLeay URL: https://www.openssl.org/ @@ -76,8 +76,8 @@ Patch63: backport-Refactor-OSSL_LIB_CTX-to-avoid-using-CRYPTO_EX_DATA.patch Patch64: backport-Release-the-drbg-in-the-global-default-context-befor.patch Patch65: backport-params-provide-a-faster-TRIE-based-param-lookup.patch Patch66: backport-CVE-2024-13176-Fix-timing-side-channel.patch - Patch67: 0001-add-support-for-sw_64-architecture.patch +Patch68: backport-CVE-2024-41996.patch Patch9000: add-FIPS_mode_set-support.patch Patch9001: backport-CVE-2024-9143-Harden-BN_GF2m_poly2arr-against-misuse.patch @@ -282,6 +282,9 @@ make test || : %ldconfig_scriptlets libs %changelog +* Fri Aug 15 2025 yanglongkang - 1:3.0.12-18 +- fix CVE-2024-41996 + * Thu Apr 3 2025 swcompiler - 1:3.0.12-17 - add support for sw_64 architecture