FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 06:42:40 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID: c1b2b492-6999-11ec-a50c-001cc0382b2f
Mbed TLS -- Potential double-free after an out of memory error

Manuel Pégourié-Gonnard reports:

If mbedtls_ssl_set_session() or mbedtls_ssl_get_session() were to fail with MBEDTLS_ERR_SSL_ALLOC_FAILED (in an out of memory condition), then calling mbedtls_ssl_session_free() and mbedtls_ssl_free() in the usual manner would cause an internal session buffer to be freed twice, due to two structures both having valid pointers to it after a call to ssl_session_copy().

An attacker could potentially trigger the out of memory condition, and therefore use this bug to create memory corruption, which could then be further exploited or targeted.


Discovery 2021-12-14
Entry 2021-12-30
Affected: mbedtls < 2.16.12
Affected: mbedtls >= 2.17.0, < 2.28.0

CVE-2021-44732
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12
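The aliasing the advisory describes, modelled as an added example for this page (this is not Mbed TLS source): a hypothetical session struct with two heap-owned members, a copy routine in the vulnerable shape (whole-struct memcpy, then member-by-member deep copy with an early return) beside a hardened one, and a fault-injecting allocator that makes the first allocation fail. The names session_t, dup_buf, oom_calloc and run_oom_scenario, and the stand-in error code, are assumptions made to keep the example self-contained.

```c
/* Illustrative model of the CVE-2021-44732 bug class. Not Mbed TLS code:
 * the struct, the function names and the fault-injecting allocator are
 * assumptions for this example. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ERR_ALLOC_FAILED (-0x7F00)  /* stand-in for MBEDTLS_ERR_SSL_ALLOC_FAILED */

/* Hypothetical session with two heap-owned members, listed in the order a
 * copy routine would deep-copy them. */
typedef struct {
    unsigned char id[4];
    unsigned char *peer_cert;  size_t peer_cert_len;
    unsigned char *ticket;     size_t ticket_len;
} session_t;

/* Fault injection: model "out of memory" by failing the Nth allocation.
 * 0 means never fail, 1 fails the first call, and so on. */
static int g_fail_alloc_no = 0;
static int g_alloc_count = 0;

static void *oom_calloc(size_t n, size_t sz)
{
    if (++g_alloc_count == g_fail_alloc_no)
        return NULL;
    return calloc(n, sz);
}

/* The caller's usual cleanup: release every heap member, then zero. */
static void session_free(session_t *s)
{
    free(s->peer_cert);
    free(s->ticket);
    memset(s, 0, sizeof *s);
}

/* Deep-copy one buffer; leaves *out NULL on failure or when in is NULL. */
static int dup_buf(unsigned char **out, const unsigned char *in, size_t len)
{
    *out = NULL;
    if (in == NULL) return 0;
    *out = oom_calloc(1, len);
    if (*out == NULL) return ERR_ALLOC_FAILED;
    memcpy(*out, in, len);
    return 0;
}

/* Vulnerable shape: whole-struct memcpy first, so every heap pointer in dst
 * aliases src, then deep-copy member by member. If the peer_cert allocation
 * fails we return early and dst->ticket is still src->ticket: freeing both
 * structs "in the usual manner" then frees that buffer twice. */
static int session_copy_vulnerable(session_t *dst, const session_t *src)
{
    int ret;
    memcpy(dst, src, sizeof *dst);
    if ((ret = dup_buf(&dst->peer_cert, src->peer_cert, src->peer_cert_len)) != 0)
        return ret;                        /* dst->ticket == src->ticket here */
    if ((ret = dup_buf(&dst->ticket, src->ticket, src->ticket_len)) != 0)
        return ret;
    return 0;
}

/* Hardened shape: dst owns nothing until a member has actually been
 * duplicated, and the failure path releases only what dst owns. */
static int session_copy_fixed(session_t *dst, const session_t *src)
{
    int ret;
    memset(dst, 0, sizeof *dst);
    memcpy(dst->id, src->id, sizeof dst->id);
    dst->peer_cert_len = src->peer_cert_len;
    dst->ticket_len = src->ticket_len;
    if ((ret = dup_buf(&dst->peer_cert, src->peer_cert, src->peer_cert_len)) != 0 ||
        (ret = dup_buf(&dst->ticket, src->ticket, src->ticket_len)) != 0) {
        session_free(dst);                 /* frees only dst's own buffers */
        return ret;
    }
    return 0;
}

/* 1 if dst and src share a heap buffer, i.e. the double-free setup. */
static int shares_buffer(const session_t *dst, const session_t *src)
{
    return (dst->peer_cert != NULL && dst->peer_cert == src->peer_cert) ||
           (dst->ticket    != NULL && dst->ticket    == src->ticket);
}

/* Drive one copy routine with the first allocation (peer_cert) failing.
 * Returns 1 if the usual cleanup would free a buffer twice, 0 if it is safe.
 * The aliased pointer is cleared before cleanup so the demo itself never
 * performs a real double free. */
static int run_oom_scenario(int (*copy)(session_t *, const session_t *))
{
    session_t src = {{1, 2, 3, 4}, NULL, 0, NULL, 0}, dst;
    int aliased, ret;
    src.peer_cert = calloc(1, 8);  src.peer_cert_len = 8;
    src.ticket    = calloc(1, 16); src.ticket_len = 16;
    g_alloc_count = 0; g_fail_alloc_no = 1;  /* fail the peer_cert allocation */
    ret = copy(&dst, &src);
    aliased = (ret == ERR_ALLOC_FAILED) && shares_buffer(&dst, &src);
    if (aliased) dst.ticket = NULL;          /* defuse for the demo */
    session_free(&dst);                      /* the "usual manner" cleanup */
    session_free(&src);
    g_fail_alloc_no = 0;
    return aliased;
}

int main(void)
{
    printf("vulnerable copy leaves a shared buffer on OOM: %d\n",
           run_oom_scenario(session_copy_vulnerable));
    printf("fixed copy leaves a shared buffer on OOM:      %d\n",
           run_oom_scenario(session_copy_fixed));
    return 0;
}
```

The point to take from the model is that a failing allocation in the middle of a copy is only safe if every pointer the destination does not yet own is NULL, not a shallow copy of the source's; the hardened routine gets that for free by starting from a zeroed struct and never returning with a half-built object.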
VuXML ID: 4c69240f-f02c-11ea-838a-0011d823eebd
Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS

Manuel Pégourié-Gonnard reports:

When decrypting/authenticating (D)TLS record in a connection using a CBC ciphersuite without the Encrypt-then-Mac extension (RFC 7366), Mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the padding to remote attackers, as recommended in the original Lucky Thirteen paper.

A local attacker who is able to observe the state of the cache could monitor the presence of mbedtls_md_process() in the cache in order to determine when the actual computation ends and when the dummy rounds start. This is a reliable target as it's always called at least once, in response to a previous attack. The attacker can then continue with one of many well-documented Lucky 13 variants.


Discovery 2020-09-01
Entry 2020-09-06
Affected: mbedtls < 2.16.8

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
CVE-2020-16150
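The reasoning in the report, written up as an added example for this page (not Mbed TLS code): a MAC model whose total number of compression rounds is constant for a given record length but whose dummy rounds go through a separate function, a local observer that only learns the index at which that function first appears in the trace, and a hardened single-path model that leaves the observer nothing. The round arithmetic (64-byte blocks, the 13 header bytes that give Lucky Thirteen its name, 9 bytes of hash padding, a 20-byte tag) is a simplification, the character trace stands in for the cache, and the names mac_two_paths, mac_single_path, observe_first_dummy and pad_candidates are assumptions.

```c
/* Simplified model of the cache side channel in CVE-2020-16150. Not Mbed
 * TLS code: the trace, the observer and the round arithmetic are
 * assumptions for this example. */
#include <stdio.h>
#include <string.h>

#define BLOCK   64    /* compression-function block size (SHA-1/SHA-256) */
#define MAC_LEN 20    /* HMAC-SHA1 tag length */
#define HDR     13    /* 8-byte sequence number + 5-byte record header */
#define MAX_TRACE 512 /* trace buffers must hold this many bytes */

/* Compression rounds needed to HMAC payload_len bytes: one for the key
 * block, then the header, the data and the 9 bytes of hash padding. */
static int rounds_for(int payload_len)
{
    return 1 + (HDR + payload_len + 9 + BLOCK - 1) / BLOCK;
}

/* Vulnerable shape: the real rounds run through the normal HMAC path and
 * only the dummy rounds call a separate function (mbedtls_md_process in the
 * advisory). The total is rounds_for(max payload), constant for a given
 * record length, which is what defeats the remote timing attack. The trace
 * holds 'R' per real round and 'D' per dummy round. Returns the total. */
static int mac_two_paths(char *trace, int rec_len, int pad_len)
{
    int real  = rounds_for(rec_len - MAC_LEN - 1 - pad_len);
    int total = rounds_for(rec_len - MAC_LEN - 1);   /* as if pad_len == 0 */
    int i;
    if (total >= MAX_TRACE) return -1;
    for (i = 0; i < real; i++)  trace[i] = 'R';
    for (; i < total; i++)      trace[i] = 'D';
    trace[total] = '\0';
    return total;
}

/* Hardened shape: every round, real or dummy, goes through the same code,
 * so the trace is uniform. pad_len still decides which intermediate state
 * becomes the tag, but not which code runs. */
static int mac_single_path(char *trace, int rec_len, int pad_len)
{
    int total = rounds_for(rec_len - MAC_LEN - 1);
    (void)pad_len;
    if (total >= MAX_TRACE) return -1;
    memset(trace, 'R', (size_t)total);
    trace[total] = '\0';
    return total;
}

/* Local observer: it can tell when the dummy-round function first shows up
 * in the cache, i.e. the index of the first 'D'; -1 if it never appears. */
static int observe_first_dummy(const char *trace)
{
    const char *p = strchr(trace, 'D');
    return p ? (int)(p - trace) : -1;
}

/* Given the record length and the observed number of real rounds, count the
 * padding lengths consistent with it and report the smallest. The count
 * shows how much the one observation narrows pad_len (a 64-byte-wide band
 * here, because rounds only change at block boundaries). */
static int pad_candidates(int rec_len, int real_rounds, int *lo)
{
    int n = 0, pad;
    *lo = -1;
    for (pad = 0; pad <= 255 && rec_len - MAC_LEN - 1 - pad >= 0; pad++) {
        if (rounds_for(rec_len - MAC_LEN - 1 - pad) == real_rounds) {
            if (*lo < 0) *lo = pad;
            n++;
        }
    }
    return n;
}

int main(void)
{
    /* Constructed inputs: a 128-byte decrypted record with three paddings. */
    const int rec_len = 128, pads[3] = {0, 20, 70};
    char trace[MAX_TRACE];
    int i, lo;
    for (i = 0; i < 3; i++) {
        int total = mac_two_paths(trace, rec_len, pads[i]);
        int seen  = observe_first_dummy(trace);
        int n     = seen < 0 ? 0 : pad_candidates(rec_len, seen, &lo);
        printf("pad=%3d two paths: %s (total %d, first dummy %d, %d candidates from %d)\n",
               pads[i], trace, total, seen, n, lo);
        mac_single_path(trace, rec_len, pads[i]);
        printf("pad=%3d one path:  %s (first dummy %d)\n",
               pads[i], trace, observe_first_dummy(trace));
    }
    return 0;
}
```

The total round count is identical for every padding length, which is the property the dummy rounds were added for; the leak is entirely in where the real/dummy boundary falls, and a single observation already pins the padding to one 64-byte band, which is the foothold the published Lucky 13 variants build on.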
VuXML ID: bcdeb6d2-f02d-11ea-838a-0011d823eebd
Mbed TLS -- Local side channel attack on RSA and static Diffie-Hellman

Manuel Pégourié-Gonnard reports:

An attacker with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) can recover the private keys used in RSA or static (finite-field) Diffie-Hellman operations.


Discovery 2020-09-01
Entry 2020-09-06
Affected: mbedtls < 2.16.8

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-2