wolfSSL Security Advisory: April 9, 2014



Issue #1 (Memory  Corruption)

CVE-ID:  CVE-2014-2896
Product: CyaSSL
Vendor: wolfSSL Inc.
Affected Versions: CyaSSL 2.9.0 and previous versions
Vulnerability Type:  Improper Input Validation (CWE-20)

Description: The TLS and DTLS implementations in wolfSSL CyaSSL before 2.9.4 lack a buffer length check in DoAlert(), possibly allowing an attacker to set the read index by up to 2 bytes past the length of the input buffer. This could result in memory corruption or a possible out-of-bounds read.

Thanks to Ivan Fratric of the Google Security Team for discovering this  bug.

Issue #2 (Out of bounds read)

CVE-ID: CVE-2014-2897
Product: CyaSSL
Vendor: wolfSSL Inc.
Affected Versions: CyaSSL 2.5.0 - CyaSSL 2.9.0
Vulnerability Type: Cryptographic Issues  (CWE-310)

Description: The SSL version 3 HMAC calculation does not check the padding length for a verify failure because many implementations get this wrong. But the length should still be checked to prevent an out-of-bounds read.

Thanks to Ivan Fratric of the Google Security Team for discovering and reporting this bug.

Issue #3 (Dangerous Default Behavior, out of bounds read)

CVE-ID: CVE-2014-2898
Product: CyaSSL
Vendor: wolfSSL Inc.
Affected Versions: CyaSSL 2.9.0 and previous versions
Vulnerability Type: Unchecked Error Condition (CWE-391)

Description: A user who repeatedly calls CyaSSL_read() without checking the return code can cause an out-of-bound memory access in an error case such as MAC verification failure.

Thanks to Ivan Fratric of the Google Security Team for discovering and reporting this bug.

Issue #4 (NULL pointer dereference)

CVE-ID: CVE-2014-2899
Product: CyaSSL
Vendor: wolfSSL Inc.
Affected Versions: CyaSSL 2.9.0 and previous versions
Vulnerability Type: Improper Input Validation (CWE-20)

Description: A user requesting the peer certificate in a certificate parsing failure case can cause a NULL-pointer dereference. Likewise, if an SSL client receives a client_key_exchange message a NULL-pointer dereference happens if the client does not have the peer’s ephemeral key.

Thanks to Ivan Fratric of the Google Security Team for discovering and reporting this bug.

Issue #5 (Unknown Critical Certificate Extension Allowed)

CVE-ID: CVE-2014-2900
Product: CyaSSL
Vendor: wolfSSL Inc.
Affected Versions: CyaSSL 2.9.0 and previous versions
Vulnerability Type: Improper Input Validation (CWE-20)

Description: Certificate validation must fail if unknown critical extensions are present in the certificate. CyaSSL previously accepted certificates with unknown critical extensions by default.

Thanks to Suman Jana and the security researchers at UT Austin and UC Davis for discovering and reporting this bug.


Originally posted at: http://www.wolfssl.com/wolfSSL/Blog/Entries/2014/4/11_wolfSSL_Security_Advisory__April_9,_2014.html
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.