aesv8-armx.pl: Avoid buffer overrread in AES-XTS decryption

Original author: Nevine Ebeid (Amazon) Fixes: CVE-2023-1255 The buffer overread happens on decrypts of 4 mod 5 sizes. Unless the memory just after the buffer is unmapped this is harmless. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/20759)
author: Tomas Mraz <tomas@openssl.org> 2023-04-17 16:51:20 +0200
committer: Tomas Mraz <tomas@openssl.org> 2023-04-20 17:48:16 +0200
commit: 72dfe46550ee1f1bbfacd49f071419365bc23304 (patch)
tree: 0477afabc47052b9d1b264c18f07ca283193d5a9 /NEWS.md
parent: c8093347f736c7991350d26048b680d0e64974a0 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/NEWS.md b/NEWS.md
index 5f154d1e6e..5c52f617e3 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -38,6 +38,8 @@ OpenSSL 3.1
 
 ### Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [under development]
 
+  * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms
+    ([CVE-2023-1255])
   * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466])
   * Fixed handling of invalid certificate policies in leaf certificates
     ([CVE-2023-0465])
@@ -1466,6 +1468,7 @@ OpenSSL 0.9.x
   * Support for various new platforms
 
 <!-- Links -->
+[CVE-2023-1255]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-1255
 [CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466
 [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
 [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
author	Tomas Mraz <tomas@openssl.org>	2023-04-17 16:51:20 +0200
committer	Tomas Mraz <tomas@openssl.org>	2023-04-20 17:48:16 +0200
commit	72dfe46550ee1f1bbfacd49f071419365bc23304 (patch)
tree	0477afabc47052b9d1b264c18f07ca283193d5a9 /NEWS.md
parent	c8093347f736c7991350d26048b680d0e64974a0 (diff)