oss-sec mailing list archives
CVE request: GnuTLS TLS record handling issue / MU-201202-01
From: Stefan Cornelius <scorneli () redhat com>
Date: Wed, 21 Mar 2012 12:32:59 +0100
Hi, Correcting myself as more details about the GnuTLS case were revealed: GnuTLS needs a CVE after all, for another issue different from CVE-2012-1569. Quoting the Mu Dynamics advisory [1]: The block cipher decryption logic in GnuTLS assumed that a record containing any data which was a multiple of the block size was valid for further decryption processing, leading to a heap corruption vulnerability. The bug can be reproduced in GnuTLS 3.0.14 by creating a corrupt GenericBlockCipher struct with a valid IV, while everything else is stripped off the end, while the handshake message length retains its original value: [...] This will cause a segmentation fault, when the ciphertext_to_compressed function tries to give decrypted data to _gnutls_auth_cipher_add_auth for HMAC verification, even though the data length is invalid, and it should have returned GNUTLS_E_DECRYPTION_FAILED or GNUTLS_E_UNEXPECTED_PACKET_LENGTH instead, before _gnutls_auth_cipher_add_auth was called. NOTE: This CVE request is only for the GnuTLS TLS record handling issue / MU-201202-01. When looking at the release notes [2] and [3], there are other issues that may be worthy of a CVE, but are currently still under investigation: ** libgnutls: Eliminate double free during SRP authentication. Reported by Peter Penzov. ** libgnutls: PKCS #11 objects that do not have ID no longer crash listing. Reported by Sven Geggus. -- References -- [1] Mu Dynamics: http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/ [2] GnuTLS 3.0.15 release announcement: http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5912 [3] GnuTLS 2.12.17 release announcement: http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5910 [4] GNUTLS-SA-2012-2: http://www.gnu.org/software/gnutls/security.html [5] Red Hat bug: https://bugzilla.redhat.com/show_bug.cgi?id=805432 Thanks and kind regards, -- Stefan Cornelius / Red Hat Security Response Team
Current thread:
- CVE request: GnuTLS TLS record handling issue / MU-201202-01 Stefan Cornelius (Mar 21)
- Re: CVE request: GnuTLS TLS record handling issue / MU-201202-01 Tomas Hoger (Mar 21)