oss-sec mailing list archives
wolfSSL 5.4.0 fixes CVE-2022-34293 and other issues
From: Fabian Keil <freebsd-listen () fabiankeil de>
Date: Mon, 8 Aug 2022 16:28:41 +0200
Looks like wolfSSL 5.4.0 has been released weeks ago but I only
became aware of it today thanks to the FreeBSD ports commit mail [0].

According to the package status on the GitHub page [1] other projects
haven't imported the update yet either.

Quoting the project page:

| The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight
| SSL/TLS library written in ANSI C and targeted for embedded, RTOS,
| and resource-constrained environments - primarily because of its
| small size, speed, and feature set. It is commonly used in standard
| operating environments as well because of its royalty-free pricing
| and excellent cross platform support.

Quoting the commit message:

| Release 5.4.0 of wolfSSL embedded TLS has bug fixes and new features including:
|
| Vulnerabilities
|
| * [High] Potential for DTLS DoS attack. In wolfSSL versions before 5.4.0 the
| return-routability check is wrongly skipped in a specific edge case. The check
| on the return-routability is there for stopping attacks that either consume
| excessive resources on the server, or try to use the server as an amplifier
| sending an excessive amount of messages to a victim IP. If using DTLS 1.0/1.2
| on the server side users should update to avoid the potential DoS
| attack. CVE-2022-34293
| * [Medium] Ciphertext side channel attack on ECC and DH operations. Users on
| systems where rogue agents can monitor memory use should update the version of
| wolfSSL and change private ECC keys. Thanks to Sen Deng from Southern
| University of Science and Technology (SUSTech) for the report.
| * [Medium] Public disclosure of a side channel vulnerability that has been fixed
| since wolfSSL version 5.1.0. When running on AMD there is the potential to
| leak private key information with ECDSA operations due to a ciphertext side
| channel attack. Users on AMD doing ECDSA operations with wolfSSL versions less
| than 5.1.0 should update their wolfSSL version used. Thanks to professor
| Yinqian Zhang from Southern University of Science and Technology (SUSTech),
| his Ph.D. student Mengyuan Li from The Ohio State University, and his M.S
| students Sen Deng and Yining Tang from SUStech along with other collaborators;
| Luca Wilke, Jan Wichelmann and Professor Thomas Eisenbarth from the University
| of Lubeck, Professor Shuai Wang from Hong Kong University of Science and
| Technology, Professor Radu Teodorescu from The Ohio State University, Huibo
| Wang, Kang Li and Yueqiang Cheng from Baidu Security and Shoumeng Yang from
| Ant Financial Services Group.
| CVE-2020-12966
| https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1013
| CVE-2021-46744
| https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1033

In somewhat related news I started collecting Privoxy TLS benchmarks
using various TLS libraries a while ago ([3]). WolfSSL appears to be
competitive.

Fabian

[0] <https://cgit.freebsd.org/ports/commit/?id=4850ea1e3ca82f63f94654cf1b9790ec476bbb18>
[1] <https://github.com/wolfSSL/wolfssl/>
[2] <https://www.fabiankeil.de/gehacktes/privoxy-tls-benchmarks/>
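
The return-routability check named in the quoted CVE-2022-34293 entry, as an added example that is not part of the original message and is not wolfSSL code: a simplified model of the stateless cookie exchange from RFC 6347 section 4.2.1, showing what a server that never skips the check sends and stores. All names, addresses and the flight size are constructed assumptions; the edge case fixed in 5.4.0 is not described in the message and is not modelled here.

```python
import hashlib
import hmac
import os

SERVER_SECRET = os.urandom(32)   # assumption: one secret, rotated periodically in practice
FLIGHT_SIZE = 3000               # constructed size of the server's handshake flight, bytes

def make_cookie(addr, client_random, secret=SERVER_SECRET):
    """Stateless cookie bound to the sender's address and ClientHello parameters."""
    ip, port = addr
    msg = ip.encode() + b"|" + str(port).encode() + b"|" + client_random
    return hmac.new(secret, msg, hashlib.sha256).digest()

class Server:
    def __init__(self):
        self.sessions = {}  # per-peer handshake state, allocated only after the check

    def on_client_hello(self, addr, client_random, cookie=b""):
        """Return (message_type, bytes_sent_to_addr)."""
        expected = make_cookie(addr, client_random)
        if not hmac.compare_digest(cookie, expected):
            # Unverified peer: reply with a small HelloVerifyRequest, keep no state.
            return "HelloVerifyRequest", expected
        # Peer proved it receives datagrams at addr: only now spend resources.
        self.sessions[addr] = client_random
        return "ServerFlight", b"\x00" * FLIGHT_SIZE

def demo():
    server = Server()
    # Constructed documentation addresses (RFC 5737).
    victim, client = ("192.0.2.10", 4433), ("198.51.100.7", 50000)
    rand = os.urandom(32)
    # ClientHello with a forged source address: only a 32-byte reply leaves.
    kind, sent = server.on_client_hello(victim, rand)
    spoof = (kind, len(sent), len(server.sessions))
    # Honest client: the first round trip yields the cookie, the second passes.
    _, cookie = server.on_client_hello(client, rand)
    kind2, sent2 = server.on_client_hello(client, rand, cookie)
    # A cookie obtained at one address is rejected when presented from another.
    kind3, _ = server.on_client_hello(victim, rand, cookie)
    return spoof, (kind2, len(sent2)), kind3

if __name__ == "__main__":
    print(demo())
```

If the cookie comparison is bypassed on any code path, the server allocates state and sends the full flight to an address it has never verified, which is the resource-consumption and amplification risk the commit message describes.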