Bug 1764345 (CVE-2019-12290) - CVE-2019-12290 libidn2: Improper roundtrip checks when converting A-labels to U-labels
Summary: CVE-2019-12290 libidn2: Improper roundtrip checks when converting A-labels to...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2019-12290
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1772703 1773229
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-10-22 20:10 UTC by Pedro Sampaio
Modified: 2021-10-27 10:49 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-10-27 10:49:50 UTC


Attachments (Terms of Use)

Description Pedro Sampaio 2019-10-22 20:10:44 UTC
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.

References:

https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5
https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de
https://gitlab.com/libidn/libidn2/merge_requests/71


Note You need to log in before you can comment on or make changes to this bug.