From 58da249465bd16ed05ce1c673665ca2350d9cfaf Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 21 Aug 2024 22:03:16 +0200 Subject: [PATCH 1/3] Changelog entry for the RSA memory leak Signed-off-by: Gilles Peskine --- .../mbedtls_psa_rsa_load_representation-memory_leak.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt diff --git a/ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt b/ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt new file mode 100644 index 000000000..dba25af61 --- /dev/null +++ b/ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix a memory leak that could occur when failing to process an RSA + key through some PSA functions due to low memory conditions. From c3ed44cc3bae953b94d4cbadd1d5fd91375cb820 Mon Sep 17 00:00:00 2001 From: Elena Uziunaite Date: Thu, 22 Aug 2024 09:00:57 +0100 Subject: [PATCH 2/3] Tiny fix in ChangeLog Signed-off-by: Elena Uziunaite --- ChangeLog.d/fix_reporting_of_key_usage_issues.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt b/ChangeLog.d/fix_reporting_of_key_usage_issues.txt index 75fbb6cc1..08a0ab270 100644 --- a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt +++ b/ChangeLog.d/fix_reporting_of_key_usage_issues.txt @@ -1,7 +1,7 @@ Security * With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values - in if keyUsage or extKeyUsage extensions, then the return value of + in keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other From d2cb074a3a13459767470b5b197e904c454332b6 Mon Sep 17 00:00:00 2001 
From: Elena Uziunaite Date: Thu, 22 Aug 2024 09:23:48 +0100 Subject: [PATCH 3/3] Tiny fix in ChangeLog pt 2 Signed-off-by: Elena Uziunaite --- ChangeLog.d/fix_reporting_of_key_usage_issues.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt b/ChangeLog.d/fix_reporting_of_key_usage_issues.txt index 08a0ab270..b81fb426a 100644 --- a/ChangeLog.d/fix_reporting_of_key_usage_issues.txt +++ b/ChangeLog.d/fix_reporting_of_key_usage_issues.txt @@ -3,7 +3,7 @@ Security client, if the client-provided certificate does not have appropriate values in keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the - MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits + MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication could be able to use it for TLS client authentication anyway. Only TLS 1.3 servers were affected, and only with
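Review bot: In PATCH 1/3, the new entry in ChangeLog.d/mbedtls_psa_rsa_load_representation-memory_leak.txt says only "some PSA functions", which does not let an integrator tell whether their code path is affected. The file name points at mbedtls_psa_rsa_load_representation, but the entry text never mentions it. Consider stating which PSA operations on RSA keys reach that code, so that users on memory-constrained targets, where the "low memory conditions" trigger is realistic, can judge their exposure.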
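Review bot: In PATCH 2/3, the hunk for ChangeLog.d/fix_reporting_of_key_usage_issues.txt leaves a second error in its trailing context: two lines below the corrected line, the text still reads "MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE", naming the same flag twice. This is a Security entry that tells users which bits of mbedtls_ssl_get_verify_result() were wrongly clear, so the flag names matter more than the stray "if". Fixing both in this commit would avoid an intermediate revision that carries the wrong flag name.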
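Review bot: In PATCH 3/3, the subject "Tiny fix in ChangeLog pt 2" hides the fact that the changed line alters which verification flag the Security entry names: MBEDTLS_X509_BADCERT_EXT_KEY_USAGE replaces a repeated MBEDTLS_X509_BADCERT_KEY_USAGE. A subject that names the flag would make the correction findable in the history. In the trailing context of the same hunk, "could be able to use it for TLS client authentication anyway" reads awkwardly; "could use it for TLS client authentication anyway" says the same thing and could be fixed while this paragraph is being edited.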