From: Stefan Ghinea <stefan.ghi...@windriver.com> An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. References: https://nvd.nist.gov/vuln/detail/CVE-2022-46392 https://nvd.nist.gov/vuln/detail/CVE-2022-46393 Upstream patches: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 Signed-off-by: Stefan Ghinea <stefan.ghi...@windriver.com> Signed-off-by: Khem Raj <raj.k...@gmail.com> (cherry picked from commit 2ab113e8be42ae2dd61babb8e9a1742684df1f59) Signed-off-by: Armin Kuster <akuster...@gmail.com> --- .../mbedtls/{mbedtls_2.28.1.bb => mbedtls_2.28.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.1.bb => mbedtls_2.28.2.bb} (97%) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb similarity index 97% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb index 742414dd8a..15bd7cf43d 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb @@ -23,7 +23,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SECTION = "libs" S = "${WORKDIR}/git" -SRCREV = "dd79db10014d85b26d11fe57218431f2e5ede6f2" +SRCREV = "89f040a5c938985c5f30728baed21e49d0846a53" SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28" inherit cmake -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101626): https://lists.openembedded.org/g/openembedded-devel/message/101626 Mute This Topic: https://lists.openembedded.org/mt/97764474/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
