Description of problem: I cannot reopen bug 207274 so this is filed separately. There is a trouble with openssl-0.9.7a-cve-2006-2940.patch. For crypto/dh/dh_key.c is says: + if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) + { + DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); + goto err; + } but goto target looks like that: err: BN_CTX_end(ctx); BN_CTX_free(ctx); return(ret); As 'ctx' is not initialized yet if that guard above fires then various unhealthy operations are tried on a garbage pointer. Looks like a possible avenue of an attack although I do not have an exploit. At least a crash is fairly likely. Instead of 'goto err;' there should be 'return(ret);' in that fragment of the patch. Another possiblity would be to do 'BN_CTX *ctx=NULL;' at the function beginning but this does not really buy anything but two "empty" function calls. The same problem shows up in FC5 updates and likely in rawhide and other openssl updated packages as well. Version-Release number of selected component (if applicable): openssl-0.9.7a-43.14
May I ask what happens with this issue? This bug report got marked "urgent" nearly a month ago, openssl-0.9.8b-8 and openssl097a-0.9.7a-9 showed up in rawhide (now FC6) with a correction, but so far nothing in RHEL or FC5. Well, the status is still ASSIGNED.
Thes issue does indeed affect Red Hat's OpenSSL fix for CVE-2006-2940. We consider this flaw to be very low severity as based on our security response team analysis all it can cause is a client crash upon processing a malicious client certificate. Upstream also class this issue as low severity and although it is fixed in OpenSSL CVS, no new release was produced to correct this issue. We plan to address this issue when a future OpenSSL update is needed.
This was fixed in RHEL-4.5 openssl errata.