mirror of
https://github.com/openwrt/openwrt.git
synced 2025-02-06 02:59:27 +00:00
b5c728948c
This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for following security issues: * Timing side channel in private key RSA operations (CVE-2024-23170) Mbed TLS is vulnerable to a timing side channel in private key RSA operations. This side channel could be sufficient for an attacker to recover the plaintext. A local attacker or a remote attacker who is close to the victim on the network might have precise enough timing measurements to exploit this. It requires the attacker to send a large number of messages for decryption. * Buffer overflow in mbedtls_x509_set_extension() (CVE-2024-23775) When writing x509 extensions we failed to validate inputs passed in to mbedtls_x509_set_extension(), which could result in an integer overflow, causing a zero-length buffer to be allocated to hold the extension. The extension would then be copied into the buffer, causing a heap buffer overflow. Fixes: CVE-2024-23170, CVE-2024-23775 References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/ References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/ Signed-off-by: orangepizza <tjtncks@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [formal fixes] (cherry picked from commit 920414ca8848fe1b430e436207b4f8c927819368)