diff options
author | Tomas Mraz <tomas@openssl.org> | 2023-09-08 15:28:45 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-09-11 10:57:03 +0200 |
commit | db976469284516831fbe74ea24e7bbff492bb8e0 (patch) | |
tree | ea66739a237375d5ed03c1a65d84dfed10ac03b7 | |
parent | b98fdb318b367d73cae7680eb264c4424098d537 (diff) |
Add CVE-2023-4807 fix to CHANGES.md and NEWS.md
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22033)
(cherry picked from commit 0be7510f49e498532708fd03628fc3fc62ee7875)
-rw-r--r-- | CHANGES.md | 23 | ||||
-rw-r--r-- | NEWS.md | 4 |
2 files changed, 25 insertions, 2 deletions
diff --git a/CHANGES.md b/CHANGES.md index 6c39212ecf..e519978842 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -30,7 +30,27 @@ breaking changes, and mappings for the large list of deprecated functions. ### Changes between 3.0.10 and 3.0.11 [xx XXX xxxx] - * none yet + * Fix POLY1305 MAC implementation corrupting XMM registers on Windows. + + The POLY1305 MAC (message authentication code) implementation in OpenSSL + does not save the contents of non-volatile XMM registers on Windows 64 + platform when calculating the MAC of data larger than 64 bytes. Before + returning to the caller all the XMM registers are set to zero rather than + restoring their previous content. The vulnerable code is used only on newer + x86_64 processors supporting the AVX512-IFMA instructions. + + The consequences of this kind of internal application state corruption can + be various - from no consequences, if the calling application does not + depend on the contents of non-volatile XMM registers at all, to the worst + consequences, where the attacker could get complete control of the + application process. However given the contents of the registers are just + zeroized so the attacker cannot put arbitrary values inside, the most likely + consequence, if any, would be an incorrect result of some application + dependent calculations or a crash leading to a denial of service. + + ([CVE-2023-4807]) + + *Bernd Edlinger* ### Changes between 3.0.9 and 3.0.10 [1 Aug 2023] @@ -19712,6 +19732,7 @@ ndif <!-- Links --> +[CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807 [CVE-2023-3817]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3817 [CVE-2023-3446]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3446 [CVE-2023-2975]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2975 @@ -20,7 +20,8 @@ OpenSSL 3.0 ### Major changes between OpenSSL 3.0.10 and OpenSSL 3.0.11 [under development] - * none + * Fix POLY1305 MAC implementation corrupting XMM registers on Windows + ([CVE-2023-4807]) ### Major changes between OpenSSL 3.0.9 and OpenSSL 3.0.10 [1 Aug 2023] @@ -1452,6 +1453,7 @@ OpenSSL 0.9.x <!-- Links --> +[CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807 [CVE-2023-3817]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3817 [CVE-2023-3446]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-3446 [CVE-2023-2975]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-2975 |