b463a13881
This fixes the following security problems: * CVE-2019-9494: cache attack against SAE * CVE-2019-9495: cache attack against EAP-pwd * CVE-2019-9496: SAE confirm missing state validation in hostapd/AP * CVE-2019-9497: EAP-pwd server not checking for reflection attack * CVE-2019-9498: EAP-pwd server missing commit validation for scalar/element * CVE-2019-9499: EAP-pwd peer missing commit validation for scalar/element * CVE-2019-11555: EAP-pwd message reassembly issue with unexpected fragment Most of these problems are not relevant for normal users: SAE is only used in ieee80211s mesh mode and EAP-pwd is normally not activated. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
From ac8fa9ef198640086cf2ce7c94673be2b6a018a0 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@codeaurora.org>
Date: Tue, 5 Mar 2019 23:43:25 +0200
Subject: [PATCH 10/14] SAE: Fix confirm message validation in error cases
Explicitly verify that own and peer commit scalar/element are available
when trying to check SAE confirm message. It could have been possible to
hit a NULL pointer dereference if the peer element could not have been
parsed. (CVE-2019-9496)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
src/common/sae.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
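--- a/src/common/sae.c
+++ b/src/common/sae.c
@@ -1464,23 +1464,31 @@ int sae_check_confirm(struct sae_data *s
 
 wpa_printf(MSG_DEBUG, "SAE: peer-send-confirm %u", WPA_GET_LE16(data));
 
- if (sae->tmp == NULL) {
+ if (!sae->tmp || !sae->peer_commit_scalar ||
+ !sae->tmp->own_commit_scalar) {
 wpa_printf(MSG_DEBUG, "SAE: Temporary data not yet available");
 return -1;
 }
 
- if (sae->tmp->ec)
+ if (sae->tmp->ec) {
+ if (!sae->tmp->peer_commit_element_ecc ||
+ !sae->tmp->own_commit_element_ecc)
+ return -1;
 sae_cn_confirm_ecc(sae, data, sae->peer_commit_scalar,
 sae->tmp->peer_commit_element_ecc,
 sae->tmp->own_commit_scalar,
 sae->tmp->own_commit_element_ecc,
 verifier);
- else
+ } else {
+ if (!sae->tmp->peer_commit_element_ffc ||
+ !sae->tmp->own_commit_element_ffc)
+ return -1;
 sae_cn_confirm_ffc(sae, data, sae->peer_commit_scalar,
 sae->tmp->peer_commit_element_ffc,
 sae->tmp->own_commit_scalar,
 sae->tmp->own_commit_element_ffc,
 verifier);
+ }
 
 if (os_memcmp_const(verifier, data + 2, SHA256_MAC_LEN) != 0) {
 wpa_printf(MSG_DEBUG, "SAE: Confirm mismatch");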
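Review bot: The two new early returns inside the `if (sae->tmp->ec) {` and `} else {` branches exit silently, whereas the scalar check just above them logs `"SAE: Temporary data not yet available"` before returning -1, so a confirm rejected for a missing commit element leaves no trace in the debug log and cannot be told apart from other failures when diagnosing a broken SAE exchange. Adding `wpa_printf(MSG_DEBUG, "SAE: Commit element not yet available");` ahead of each of those `return -1;` lines keeps the three error paths consistent. The peer scalar is tested on `sae` while every other field is tested on `sae->tmp`, which suggests the peer scalar is kept outside the temporary state; a one-line comment on the new condition saying why that field lives elsewhere would help the next reader. sae_check_confirm begins before the hunk and continues past it.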