Two DTLS problems that lead to memory leaks were fixed by OpenSSL developers; [1], [2]. Fix: The following patch brings upstream patches to the FreeBSD port: The following VuXML entry should be evaluated and added: <vuln vid="d84b3398-43b0-11de-9b62-0022156e8794"> <topic>openssl -- Denial of Service in DTLS implementation</topic> <affects> <package> <name>openssl</name> <range><ge>0.9.8</ge><lt>0.9.8k_1</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>OpenSSL developers report on the DTLS unlimited record buffer growth:</p> <blockquote cite="http://rt.openssl.org/Ticket/Display.html?id=1930"> <p>Records are buffered if they arrive with a future epoch to be processed after finishing the corresponding handshake. There is currently no limitation to this buffer allowing an attacker to perform a DOS attack with sending records with future epochs until there is no memory left.</p> </blockquote> <p>OpenSSL developers report on the DTLS fragment handling memory leak:</p> <blockquote cite="http://rt.openssl.org/Ticket/Display.html?id=1931"> <p>In dtls1_process_out_of_seq_message() the check if the current message is already buffered was missing. For every new message was memory allocated, allowing an attacker to perform an denial of service attack with sending out of seq handshake messages until there is no memory left. Additionally every future message was buffered, even if the sequence number made no sense and would be part of another handshake.</p> </blockquote> </body> </description> <references> <cvename>CVE-2009-1377</cvename> <cvename>CVE-2009-1378</cvename> <url>http://rt.openssl.org/Ticket/Display.html?id=1930</url> <url>http://rt.openssl.org/Ticket/Display.html?id=1931</url> </references> <dates> <discovery>2009-05-18</discovery> <entry>TODAY</entry> </dates> </vuln> --- vuln.xml ends here --- The mentioned patches also apply fine to the OpenSSL in HEAD, though more testing is needed: DTLS client and server from the base system segfaults badly on most of my attempts. I am not sure if anyone uses DTLS now, but the bug should be fixed anyway. Please, note: if anyone will want to test openssl s_client/s_server with dtls1, he should manually set MTU value via '-mtu NNNN' -- OpenSSL's MTU discovery is badly broken on FreeBSD and produces 0xFFFFFFFF as the MTU value that will be transformed into (-1) and will cause harm :((--2aGrOqkiunt79R1uYmsHWza82ymHs0lz92q481QXg72LzU2k Content-Type: text/plain; name="fix-0.9.8k.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="fix-0.9.8k.diff" From 5f601b8118ae27f33d04142b96c7084b0f93913b Mon Sep 17 00:00:00 2001 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Date: Mon, 18 May 2009 17:53:10 +0400 Patches were taken directly from the OpenSSL RT bugtracker: http://rt.openssl.org/Ticket/Display.html?id=1930 http://rt.openssl.org/Ticket/Display.html?id=1931 Signed-off-by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> --- security/openssl/Makefile | 1 + security/openssl/files/patch-CVE-2009-1377 | 46 ++++++++++++++++++++++++++++ security/openssl/files/patch-CVE-2009-1378 | 22 +++++++++++++ 3 files changed, 69 insertions(+), 0 deletions(-) create mode 100644 security/openssl/files/patch-CVE-2009-1377 create mode 100644 security/openssl/files/patch-CVE-2009-1378 diff --git a/security/openssl/Makefile b/security/openssl/Makefile index 72c3f4c..65d889d 100644 --- a/security/openssl/Makefile +++ b/security/openssl/Makefile @@ -7,6 +7,7 @@ PORTNAME= openssl PORTVERSION= 0.9.8k +PORTREVISION= 1 CATEGORIES= security devel MASTER_SITES= http://www.openssl.org/%SUBDIR%/ \ ftp://ftp.openssl.org/%SUBDIR%/ \ diff --git a/security/openssl/files/patch-CVE-2009-1377 b/security/openssl/files/patch-CVE-2009-1377 new file mode 100644 index 0000000..9d0e941 --- /dev/null +++ b/security/openssl/files/patch-CVE-2009-1377 @@ -0,0 +1,46 @@ +Obtained-from: http://rt.openssl.org/Ticket/Attachment/22260/10159/dtls-record-buffer-bug-1.0.0.patch + +--- crypto/pqueue/pqueue.c 2005-12-20 08:03:10.000000000 +0100 ++++ crypto/pqueue/pqueue.c 2009-05-15 16:07:33.000000000 +0200 +@@ -237,3 +237,17 @@ + + return ret; + } ++ ++int ++pqueue_size(pqueue_s *pq) ++{ ++ pitem *item = pq->items; ++ int count = 0; ++ ++ while(item != NULL) ++ { ++ count++; ++ item = item->next; ++ } ++ return count; ++} + +--- crypto/pqueue/pqueue.h 2005-06-08 00:21:14.000000000 +0200 ++++ crypto/pqueue/pqueue.h 2009-05-15 16:07:03.000000000 +0200 +@@ -89,5 +89,6 @@ + pitem *pqueue_next(piterator *iter); + + void pqueue_print(pqueue pq); ++int pqueue_size(pqueue pq); + + #endif /* ! HEADER_PQUEUE_H */ + +--- ssl/d1_pkt.c 2009-04-23 18:32:40.000000000 +0200 ++++ ssl/d1_pkt.c 2009-05-15 16:06:23.000000000 +0200 +@@ -207,6 +207,10 @@ + DTLS1_RECORD_DATA *rdata; + pitem *item; + ++ /* Limit the size of the queue to prevent DOS attacks */ ++ if (pqueue_size(queue->q) >= 100) ++ return 0; ++ + rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); + item = pitem_new(priority, rdata); + if (rdata == NULL || item == NULL) diff --git a/security/openssl/files/patch-CVE-2009-1378 b/security/openssl/files/patch-CVE-2009-1378 new file mode 100644 index 0000000..9b00d55 --- /dev/null +++ b/security/openssl/files/patch-CVE-2009-1378 @@ -0,0 +1,22 @@ +Obtained-from: http://rt.openssl.org/Ticket/Attachment/22314/10203/dtls-fragment-memleak-bug.patch + +--- ssl/d1_both.c 2009-05-18 09:57:08.000000000 +0200 ++++ ssl/d1_both.c 2009-05-18 10:08:51.000000000 +0200 +@@ -561,7 +561,16 @@ + if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) + goto err; + +- if (msg_hdr->seq <= s->d1->handshake_read_seq) ++ /* Try to find item in queue, to prevent duplicate entries */ ++ pq_64bit_init(&seq64); ++ pq_64bit_assign_word(&seq64, msg_hdr->seq); ++ item = pqueue_find(s->d1->buffered_messages, seq64); ++ pq_64bit_free(&seq64); ++ ++ /* Discard the message if sequence number was already there, is ++ * too far in the future or the fragment is already in the queue */ ++ if (msg_hdr->seq <= s->d1->handshake_read_seq || ++ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL) + { + unsigned char devnull [256]; + -- 1.6.3.1 How-To-Repeat: [1] http://rt.openssl.org/Ticket/Display.html?id=1930 [2] http://rt.openssl.org/Ticket/Display.html?id=1931 [3] http://article.gmane.org/gmane.comp.security.oss.general/1769
Responsible Changed From-To: freebsd-ports-bugs->dinoex Over to maintainer (via the GNATS Auto Assign Tool)
dinoex 2009-05-20 12:56:26 UTC FreeBSD ports repository Modified files: security/openssl Makefile Added files: security/openssl/files patch-CVE-2009-1377 patch-CVE-2009-1378 Log: - Security Fix Security: CVE-2009-1377 Security: CVE-2009-1378 Security: http://article.gmane.org/gmane.comp.security.oss.general/1769 PR: 134653 Revision Changes Path 1.146 +1 -0 ports/security/openssl/Makefile 1.1 +46 -0 ports/security/openssl/files/patch-CVE-2009-1377 (new) 1.1 +22 -0 ports/security/openssl/files/patch-CVE-2009-1378 (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->patched Patches committed, thanks. waiting for VuXML
miwi 2009-05-30 20:53:22 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml Log: - Document openssl -- denial of service in DTLS implementation PR: based on 134653 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Revision Changes Path 1.1957 +35 -1 ports/security/vuxml/vuln.xml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: patched->closed documented thx for your good work.