From 07d8baf3367cbbf81877510e5102e6193da4bfe7 Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Thu, 23 Mar 2023 15:31:25 +0000
Subject: [PATCH] Updated CHANGES.md and NEWS.md for CVE-2023-0465

Also updated the entries for CVE-2023-0464

Related-to: CVE-2023-0465
Reviewed-by: Hugo Landau
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/20586)
---
 CHANGES.md | 12 ++++++++++++
 NEWS.md | 6 +++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index 99cabb3057fb..511886d213f9 100644
--- CHANGES.md.orig
+++ CHANGES.md
@@ -24,12 +24,22 @@ OpenSSL 3.1
 ### Changes between 3.1.0 and 3.1.1 [xx XXX xxxx]
+ * Fixed an issue where invalid certificate policies in leaf certificates are
+ silently ignored by OpenSSL and other certificate policy checks are skipped
+ for that certificate. A malicious CA could use this to deliberately assert
+ invalid certificate policies in order to circumvent policy checking on the
+ certificate altogether.
+ ([CVE-2023-0465])
+
+ *Matt Caswell*
+
 * Limited the number of nodes created in a policy tree to mitigate against
 CVE-2023-0464. The default limit is set to 1000 nodes, which should be
 sufficient for most installations. If required, the limit can be adjusted
 by setting the OPENSSL_POLICY_TREE_NODES_MAX build time define to a desired
 maximum number of nodes or zero to allow unlimited growth.
+ ([CVE-2023-0464])
 *Paul Dale*
@@ -19689,6 +19699,8 @@ ndif
+[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
+[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
 [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401
 [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286
 [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217
diff --git a/NEWS.md b/NEWS.md
index c243c5e6818a..23f918f604ea 100644
--- NEWS.md.orig
+++ NEWS.md
@@ -21,7 +21,9 @@ OpenSSL 3.1
 ### Major changes between OpenSSL 3.1.0 and OpenSSL 3.1.1 [under development]
- * none
+ * Fixed handling of invalid certificate policies in leaf certificates
+ ([CVE-2023-0465])
+ * Limited the number of nodes created in a policy tree ([CVE-2023-0464])
 ### Major changes between OpenSSL 3.0 and OpenSSL 3.1.0 [14 Mar 2023]
@@ -1446,6 +1448,8 @@ OpenSSL 0.9.x
 * Support for various new platforms
+[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
+[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
 [CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401
 [CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286
 [CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217
From facfb1ab745646e97a1920977ae4a9965ea61d5c Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Tue, 7 Mar 2023 16:52:55 +0000
Subject: [PATCH] Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs

Even though we check the leaf cert to confirm it is valid, we later ignored the invalid flag and did not notice that the leaf cert was bad.

Fixes: CVE-2023-0465
Reviewed-by: Hugo Landau
Reviewed-by: Tomas Mraz
(Merged from https://github.com/openssl/openssl/pull/20586)
---
 crypto/x509/x509_vfy.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 9384f1da9bad..a0282c3ef121 100644
--- crypto/x509/x509_vfy.c.orig
+++ crypto/x509/x509_vfy.c
@@ -1654,15 +1654,23 @@ static int check_policy(X509_STORE_CTX *ctx)
 goto memerr;
 /* Invalid or inconsistent extensions */
 if (ret == X509_PCY_TREE_INVALID) {
- int i;
+ int i, cbcalled = 0;
 /* Locate certificates with bad extensions and notify callback. */
- for (i = 1; i < sk_X509_num(ctx->chain); i++) {
+ for (i = 0; i < sk_X509_num(ctx->chain); i++) {
 X509 *x = sk_X509_value(ctx->chain, i);
+ if ((x->ex_flags & EXFLAG_INVALID_POLICY) != 0)
+ cbcalled = 1;
 CB_FAIL_IF((x->ex_flags & EXFLAG_INVALID_POLICY) != 0, ctx, x, i, X509_V_ERR_INVALID_POLICY_EXTENSION);
 }
+ if (!cbcalled) {
+ /* Should not be able to get here */
+ ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ /* The callback ignored the error so we return success */
 return 1;
 }
 if (ret == X509_PCY_TREE_FAILURE) {
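Review bot: In the loop body the new `cbcalled` flag is set from a second evaluation of `(x->ex_flags & EXFLAG_INVALID_POLICY) != 0` rather than from the CB_FAIL_IF that actually notifies the callback, so the name asserts something the code does not literally check; evaluating the condition once, `int invalid = (x->ex_flags & EXFLAG_INVALID_POLICY) != 0; if (invalid) cbcalled = 1; CB_FAIL_IF(invalid, ctx, x, i, X509_V_ERR_INVALID_POLICY_EXTENSION);`, with a name such as `found_invalid`, would make the intent plain (this assumes CB_FAIL_IF only invokes the callback when its first argument is true, which its definition outside this hunk would confirm). The `if (!cbcalled)` branch should say why it fails closed instead of just "Should not be able to get here", e.g. `/* Tree reported X509_PCY_TREE_INVALID but no chain cert is flagged: fail closed rather than accept */`, since returning 1 there would accept a chain the policy tree rejected. The diffstat lists only crypto/x509/x509_vfy.c, so no regression test covering a leaf certificate (chain index 0) with an invalid policy extension accompanies the fix. check_policy begins and ends outside the hunk.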