ALT Linux Team

Branch sisyphus update on 2020-09-02

2020-09-02

ALT-BU-2020-4011-1

Branch sisyphus update bulletin.

ALT-PU-2020-2711-1

Package mbedtls updated to version 2.24.0-alt1 for branch sisyphus in task 257181.

Closed vulnerabilities

Published: 2022-04-01
Modified: 2022-11-21

BDU:2022-01651

Уязвимость функции x509_crt_verify_name реализации протоколов TLS и SSL Mbed TLS, позволяющая нарушителю оказать воздействие на целостность данных

Severity: MEDIUM (5.9) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
References:
Published: 2022-04-06

BDU:2022-01834

Уязвимость функции mbedtls_x509_crl_parse_der реализации протоколов TLS и SSL Mbed TLS, позволяющая нарушителю вызвать отказ в обслуживании

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
References:
Published: 2022-04-06

BDU:2022-01852

Уязвимость реализации протоколов TLS и SSL Mbed TLS, связанная с раскрытием информации через несоответствие, позволяющая нарушителю получить доступ к конфиденциальным данным

Severity: MEDIUM (5.3) Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM (6.3) Vector: AV:N/AC:M/Au:S/C:C/I:N/A:N
References:
Published: 2022-04-11
Modified: 2023-11-21

BDU:2022-02040

Уязвимость функции mbedtls_ssl_read реализации протоколов TLS и SSL Mbed TLS, позволяющая нарушителю оказать воздействие на целостность данных

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity: HIGH (7.8) Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N
References:
Published: 2022-04-11

BDU:2022-02043

Уязвимость реализации протоколов TLS и SSL Mbed TLS, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю оказать воздействие на целостность данных

Severity: MEDIUM (5.3) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
References:
Published: 2020-09-02
Modified: 2024-11-21

CVE-2020-16150

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.

Severity: LOW (2.1) Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2021-07-19
Modified: 2024-11-21

CVE-2020-36424

An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.

Severity: LOW (1.9) Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2021-07-19
Modified: 2024-11-21

CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Severity: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
References:
Published: 2021-07-19
Modified: 2024-11-21

CVE-2020-36426

An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte).

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-08-23
Modified: 2024-11-21

CVE-2020-36476

An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
Published: 2021-08-23
Modified: 2024-11-21

CVE-2020-36477

An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though).

Severity: MEDIUM (4.3) Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top