List:       nettle-bugs
Subject:    Bug fixes for Nettle-3.9
From:       Niels_Möller <nisse () lysator ! liu ! se>
Date:       2023-05-27 18:12:03
Message-ID: cpfcz2lzlsc.fsf () shipon ! lysator ! liu ! se

I have seen two rather serious bug reports for Nettle-3.9, both
affecting the new code in the release. 

First, the OCB issue reported on this list. Since it's a memory clobber
bug, it's rather serious, and may well be exploitable.

The other is an alignment-related bug in the new ghash assembly, which
leads to a crash but is likely not exploitable (if the attacker can control
where an application's ghash subkeys are located in memory, it would be
a denial of service attack, though). But unlike OCB, which is new, this
crash is a regression.

I'd like to get a bug fix release out in the coming week; draft NEWS entries
are below. Are there any other issues that need urgent fixes?

Regards,
/Niels

NEWS for the Nettle 3.9.1 release

	This is a bugfix release, fixing a few bugs reported for
	Nettle-3.9. The bug in the new OCB code may be exploitable for
	denial of service or worse, since triggering it leads to
	memory corruption. Upgrading from Nettle-3.9 to the new
	version is strongly recommended.

	The new version is intended to be fully source and binary
	compatible with Nettle-3.6. The shared library names are
	libnettle.so.8.8 and libhogweed.so.6.8, with sonames
	libnettle.so.8 and libhogweed.so.6.

	Bug fixes:

	* Fix OCB loop for processing messages of size 272 bytes or
	  larger. Reported and fixed by Jussi Kivilinna.

	* Fix alignment bug in the new x86_64 non-pclmul assembly
	  implementation of ghash. Reported by Henrik Grubbström.

	* Fix build-time memory leak in eccdata. Reported by Noah
	  Watkins.

-- 
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.
