Bug 2269084 (CVE-2024-28835)

Summary: CVE-2024-28835 gnutls: potential crash during chain building/verification
Product: [Other] Security Response
Reporter: Robb Gatica <rgatica>
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
CC: agarcial, aoconnor, aprice, asegurap, bdettelb, caswilli, dfreiber, dhalasz, dkuc, drow, fjansen, hkataria, jburrell, jbuscemi, jmitchel, jsamir, jsherril, jtanner, kaycoth, kholdawa, kshier, luizcosta, mpierce, nweather, oezr, orabin, psegedy, security-response-team, sidakwo, stcannon, sthirugn, vkrizan, vkumar, vmugicag, xiaoxwan, yguenane, zzhou
Keywords: Security
Hardware: All
OS: Linux
Fixed In Version: gnutls-3.8.4
Doc Type: If docs needed, set a value
Doc Text:
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
Bug Depends On: 2270594
Bug Blocks: 2269079

Description Robb Gatica 2024-03-11 23:29:54 UTC
Embargoed issue as reported at https://gitlab.com/gnutls/gnutls/-/issues/1525  
(duplicate - https://gitlab.com/gnutls/gnutls/-/issues/1527)

---

Description of problem:
I'm reporting a crash observed during chain building/verification. I've turned it into a reproducer (not minimal yet, but it reliably crashes for me), which I'm attaching to this issue.

As additional context: this reproducer comes from Netflix's BetterTLS (github.com/Netflix/bettertls) project; specifically, it's test case 61 in their "path validation" suite. As such, it's already public on the Internet. However, nobody appears to have run BetterTLS against a recent version of GnuTLS, so I'm filing this as a private issue for triage.

Version of gnutls used:
This crash has been observed on GnuTLS 3.8.3, via certtool. I'm using the Homebrew distribution of GnuTLS 3.8.3: https://formulae.brew.sh/formula/gnutls#default

How reproducible:
I'm attaching a reproducer in the form of a PEM bundle.

Steps to Reproduce:
certtool --verify-chain --infile bug.pem

Expected results:
I expected a normal program exit, with an exit code of 1 or 0.

Actual results:
The program crashes with SIGTRAP, which is probably just because macOS catches the SIGSEGV for triage.

Observed output:
Note that no verification profile was selected. In the future the medium profile will be enabled by default.
Use --verify-profile low to apply the default verification of NORMAL priority string.
|<1>| There was a non-CA certificate in the trusted list: O=bettertls.com,CN=D,serialNumber=9d9b1ac3-6af5-47f2-9cdb-2201652648a0.
Trace/BPT trap: 5
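As an added, defender-side example (not part of the bug report and not GnuTLS code), a POSIX shell script that compares an installed GnuTLS version against the Fixed In Version above and classifies the exit status of the certtool --verify-chain command from Steps to Reproduce, so a signal-terminated crash is distinguished from an ordinarily rejected chain. The output format of `certtool --version` assumed by installed_gnutls_version is an assumption.

```shell
#!/bin/sh
# Added example, not code from the bug report or from GnuTLS.
# gnutls_version_fixed VER : exit 0 if VER >= 3.8.4 (the Fixed In Version above), else 1.
#   Vendor builds may backport the fix under an older version number (see the RHSA
#   references on this page), so "below 3.8.4" means "check your errata", not "vulnerable".
# classify_verify_exit CODE : label an exit status of `certtool --verify-chain`. 0 and 1 are
#   normal outcomes; a status above 128 means the process died from a signal (SIGSEGV, or
#   SIGTRAP on macOS as in the report), i.e. the crash this bug describes.
FIXED_VERSION="3.8.4"
# version_ge A B: numeric, component-wise comparison of dotted versions (3.8.10 > 3.8.4).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        len = (n > m) ? n : m
        for (i = 1; i <= len; i++) {
            xi = (i <= n) ? x[i] + 0 : 0
            yi = (i <= m) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}
gnutls_version_fixed() { version_ge "$1" "$FIXED_VERSION"; }
# Assumption: `certtool --version` prints the version as the last x.y.z token on its first line.
installed_gnutls_version() {
    certtool --version 2>/dev/null | sed -n '1s/.*[^0-9.]\([0-9][0-9.]*\).*/\1/p'
}
classify_verify_exit() {
    case "$1" in
        0) echo "ok" ;;
        1) echo "rejected" ;;
        *) if [ "$1" -gt 128 ]; then echo "crash:signal-$(( $1 - 128 ))"
           else echo "error:$1"; fi ;;
    esac
}
# run_verify_chain FILE: the command from Steps to Reproduce, with its exit status classified.
run_verify_chain() {
    status=0
    certtool --verify-chain --infile "$1" >/dev/null 2>&1 || status=$?
    classify_verify_exit "$status"
}
main() {   # usage: sh check.sh bug.pem
    v=$(installed_gnutls_version)
    [ -n "$v" ] || { echo "certtool not found"; return 2; }
    if gnutls_version_fixed "$v"; then echo "gnutls $v: at or above $FIXED_VERSION"
    else echo "gnutls $v: below $FIXED_VERSION, check vendor errata"; fi
    run_verify_chain "$1"
}
if [ $# -gt 0 ]; then main "$1"; fi
```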

Comment 3 Sandipan Roy 2024-03-21 05:31:54 UTC
Created gnutls tracking bugs for this issue:

Affects: fedora-all [bug 2270594]

Comment 5 errata-xmlrpc 2024-04-18 02:18:44 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:1879 https://access.redhat.com/errata/RHSA-2024:1879

Comment 6 errata-xmlrpc 2024-04-30 14:40:50 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2024:2570 https://access.redhat.com/errata/RHSA-2024:2570

Comment 7 errata-xmlrpc 2024-05-16 18:14:03 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.2 Extended Update Support

Via RHSA-2024:2889 https://access.redhat.com/errata/RHSA-2024:2889