Quoting Tavis Ormandy's advisory "Incorrect integer conversions in OpenSSL can result in memory corruption.": asn1_d2i_read_bio in OpenSSL contains multiple integer errors that can cause memory corruption when parsing encoded ASN.1 data. This error can be exploited on systems that parse untrusted data, such as X.509 certificates or RSA public keys. Reference: http://seclists.org/fulldisclosure/2012/Apr/210 Tavis's post also provides link to an upstream advisory, which has not been published yet. Fixes are not yet available in upstream CVS repository. http://www.openssl.org/news/secadv_20120419.txt
Created mingw32-openssl tracking bugs for this issue Affects: fedora-all [bug 814203]
Created openssl tracking bugs for this issue Affects: fedora-all [bug 814202]
(In reply to comment #0) > Fixes are not yet available in upstream CVS repository. Committed now in 0.9.8 and 1.0.0 branches: http://cvs.openssl.org/chngview?cn=22431 http://cvs.openssl.org/chngview?cn=22434
(In reply to comment #6) > Committed now in 0.9.8 and 1.0.0 branches: > > http://cvs.openssl.org/chngview?cn=22431 > http://cvs.openssl.org/chngview?cn=22434 1.0.1 branch commit: http://cvs.openssl.org/chngview?cn=22439 Upstream advisory is now available to: http://www.openssl.org/news/secadv_20120419.txt Any application which uses BIO or FILE based functions to read untrusted DER format data is vulnerable. Affected functions are of the form d2i_*_bio or d2i_*_fp, for example d2i_X509_bio or d2i_PKCS12_fp. Applications using the memory based ASN1 functions (d2i_X509, d2i_PKCS12 etc) are not affected. In particular the SSL/TLS code of OpenSSL is *not* affected. Applications only using the PEM routines are not affected. S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS *are* affected. The OpenSSL command line utility is also affected if used to process untrusted data in DER format. Note: although an application using the SSL/TLS portions of OpenSSL is not automatically affected it might still call a function such as d2i_X509_bio on untrusted data and be vulnerable. Fixed upstream in versions 1.0.1a, 1.0.0i and 0.9.8v.
OpenSSH upstream details on how OpenSSH is affected by this OpenSSL issue: http://marc.info/?l=openssh-unix-dev&m=133483989311217&w=2
External Reference: http://www.openssl.org/news/secadv_20120419.txt
Few notes on what is affected by this issue: Upstream advisory mentions: Applications using the memory based ASN1 functions (d2i_X509, d2i_PKCS12 etc) are not affected. In particular the SSL/TLS code of OpenSSL is *not* affected. SSL/TLS code is mentioned explicitly as ASN.1 encoded data - server and possibly client X509 certificates - are transferred and parsed during the SSL/TLS handshake. Those certificates are parsed using d2i_X509 function, which do not lead to a call of the affected asn1_d2i_read_bio function. SSL/TLS server or client may call the affected function to load certificates or private keys. Those inputs are usually trusted. Additionally, applications may only support loading those from PEM encoded files. Upstream advisory notes PEM routines are unaffected: Applications only using the PEM routines are not affected. Upstream advisory further notes that applications reading S/MIME or CMS files are affected: S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS *are* affected. CMS format is only supported in openssl version in Red Hat Enterprise Linux 6. Older versions do not have CMS support. OCSP support in httpd/mod_ssl is affected affected by this issue, as it uses d2i_OCSP_RESPONSE_bio function. OCSP response read from the network can trigger this issue. The httpd versions in Red Hat Enterprise Linux 3, 4, 5 and 6 do not include OCSP support. OCSP support in available in JBoss Enterprise Web Server 1 httpd packages. Upstream advisory also notes that various openssl command's sub-commands can call affected asn1_d2i_read_bio function: The OpenSSL command line utility is also affected if used to process untrusted data in DER format.
On the OCSP stapling code: http://marc.info/?l=apache-httpd-dev&m=133493590915303
Upstream fix as included in 0.9.8v did not completely address this issue in OpenSSL versions 0.9.x. This problem has now been corrected in 0.9.8w, see bug #815661 / CVE-2012-2131 for details. OpenSSL versions 1.0.0 and 1.0.1 were not affected by this incomplete fix problem.
Created mingw32-openssl tracking bugs for this issue Affects: epel-5 [bug 815672]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2012:0518 https://rhn.redhat.com/errata/RHSA-2012-0518.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6.0 EUS - Server Only Red Hat Enterprise Linux 6.1 EUS - Server Only Red Hat Enterprise Linux 3 Extended Lifecycle Support Red Hat Enterprise Linux 4 Extended Lifecycle Support Red Hat Enterprise Linux 5.3 Long Life Red Hat Enterprise Linux 5.6 EUS - Server Only Via RHSA-2012:0522 https://rhn.redhat.com/errata/RHSA-2012-0522.html
openssl-1.0.0i-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
openssl-1.0.0i-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
openssl-1.0.0i-1.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: JBoss Enterprise Application Platform 6.0.0 Via RHSA-2012:1308 https://rhn.redhat.com/errata/RHSA-2012-1308.html
This issue has been addressed in following products: JBoss Enterprise Application Platform 5.1.2 Via RHSA-2012:1307 https://rhn.redhat.com/errata/RHSA-2012-1307.html
This issue has been addressed in following products: JBoss Enterprise Web Server 1.0.2 Via RHSA-2012:1306 https://rhn.redhat.com/errata/RHSA-2012-1306.html