From 130bfe7799a344256505216ee232291471a3672c Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 6 Mar 2024 10:36:07 +0100 Subject: [PATCH 1/4] Add change log Signed-off-by: Ronald Cron --- ChangeLog.d/tls13-only-server-infinite-loop.txt | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ChangeLog.d/tls13-only-server-infinite-loop.txt diff --git a/ChangeLog.d/tls13-only-server-infinite-loop.txt b/ChangeLog.d/tls13-only-server-infinite-loop.txt new file mode 100644 index 000000000..4e54b2be1 --- /dev/null +++ b/ChangeLog.d/tls13-only-server-infinite-loop.txt @@ -0,0 +1,6 @@ +Security + * Fixed a critical denial of service in TLS 1.3 only server (TLS 1.2 support + disabled at build time): a TLS client could put the TLS 1.3 only server in + a infinite loop processing a TLS 1.2 ClientHello. The default + configuration is not affected. Reported by Matthias Mucha and Thomas + Blattmann, SICK AG. From e301813da44e0d2830be1c38a38aa89fbe9ba4c6 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 7 Mar 2024 09:01:19 +0100 Subject: [PATCH 2/4] Improve change log Signed-off-by: Ronald Cron --- ChangeLog.d/tls13-only-server-infinite-loop.txt | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/tls13-only-server-infinite-loop.txt b/ChangeLog.d/tls13-only-server-infinite-loop.txt index 4e54b2be1..7232242c8 100644 --- a/ChangeLog.d/tls13-only-server-infinite-loop.txt +++ b/ChangeLog.d/tls13-only-server-infinite-loop.txt @@ -1,6 +1,5 @@ Security - * Fixed a critical denial of service in TLS 1.3 only server (TLS 1.2 support - disabled at build time): a TLS client could put the TLS 1.3 only server in - a infinite loop processing a TLS 1.2 ClientHello. The default - configuration is not affected. Reported by Matthias Mucha and Thomas - Blattmann, SICK AG. + * Fixed a denial of service in TLS 1.3-only server (TLS 1.2 support + disabled at build time): a TLS client could put the TLS 1.3-only server in + an infinite loop processing a TLS 1.2 ClientHello. Reported by Matthias + Mucha and Thomas Blattmann, SICK AG. From 53dff7b0af544d22d801e886a11ce1f5e3bab89e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 7 Mar 2024 16:01:43 +0100 Subject: [PATCH 3/4] Do not forget about TLS 1.2 disabled at runtime aspect Signed-off-by: Ronald Cron --- ChangeLog.d/tls13-only-server-infinite-loop.txt | 5 ----- ChangeLog.d/tls13-only-server.txt | 10 ++++++++++ 2 files changed, 10 insertions(+), 5 deletions(-) delete mode 100644 ChangeLog.d/tls13-only-server-infinite-loop.txt create mode 100644 ChangeLog.d/tls13-only-server.txt diff --git a/ChangeLog.d/tls13-only-server-infinite-loop.txt b/ChangeLog.d/tls13-only-server-infinite-loop.txt deleted file mode 100644 index 7232242c8..000000000 --- a/ChangeLog.d/tls13-only-server-infinite-loop.txt +++ /dev/null @@ -1,5 +0,0 @@ -Security - * Fixed a denial of service in TLS 1.3-only server (TLS 1.2 support - disabled at build time): a TLS client could put the TLS 1.3-only server in - an infinite loop processing a TLS 1.2 ClientHello. Reported by Matthias - Mucha and Thomas Blattmann, SICK AG. diff --git a/ChangeLog.d/tls13-only-server.txt b/ChangeLog.d/tls13-only-server.txt new file mode 100644 index 000000000..0ee63eab8 --- /dev/null +++ b/ChangeLog.d/tls13-only-server.txt @@ -0,0 +1,10 @@ +Security + * When negotiating TLS version on server side, do not fallback to the + TLS 1.2 implementation of the protocol if it is not enabled. + - If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 + client was able to put the TLS 1.3-only server in an infinite loop + processing a TLS 1.2 ClientHello, resulting in a Denial of Service. + Reported by Matthias Mucha and Thomas Blattmann, SICK AG. + - If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client + was able to successfully established a connection with the TLS 1.3-only + server. Reported by alluettiv on GitHub. From 44193fa573e29194bc895a4a704ae28be4dc94b2 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 11 Mar 2024 13:40:24 +0100 Subject: [PATCH 4/4] Fix and improve the change log Signed-off-by: Ronald Cron --- ChangeLog.d/tls13-only-server.txt | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/ChangeLog.d/tls13-only-server.txt b/ChangeLog.d/tls13-only-server.txt index 0ee63eab8..9583bfb33 100644 --- a/ChangeLog.d/tls13-only-server.txt +++ b/ChangeLog.d/tls13-only-server.txt @@ -1,10 +1,10 @@ Security - * When negotiating TLS version on server side, do not fallback to the - TLS 1.2 implementation of the protocol if it is not enabled. + * When negotiating TLS version on server side, do not fall back to the + TLS 1.2 implementation of the protocol if it is disabled. - If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 - client was able to put the TLS 1.3-only server in an infinite loop - processing a TLS 1.2 ClientHello, resulting in a Denial of Service. - Reported by Matthias Mucha and Thomas Blattmann, SICK AG. + client could put the TLS 1.3-only server in an infinite loop processing + a TLS 1.2 ClientHello, resulting in a denial of service. Reported by + Matthias Mucha and Thomas Blattmann, SICK AG. - If the TLS 1.2 implementation was disabled at runtime, a TLS 1.2 client - was able to successfully established a connection with the TLS 1.3-only - server. Reported by alluettiv on GitHub. + was able to successfully establish a TLS 1.2 connection with the server. + Reported by alluettiv on GitHub.