[OpenSSL-1.0.2] CVE-2024-0727 PKCS12 Decoding crashes

Issue #400 resolved
Takehiko NOZAKI repo owner created an issue

Comments (1)

  1. Takehiko NOZAKI reporter

    BUGFIX: Issue #400 - CVE-2024-0727 PKCS12 Decoding crashes

    cherry picked from https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 and modified by me.

    original commit message:

    Add NULL checks where ContentInfo data can be NULL

    PKCS12 structures contain PKCS7 ContentInfo fields. These fields are optional and can be NULL even if the "type" is a valid value. OpenSSL was not properly accounting for this and a NULL dereference can occur causing a crash.

    CVE-2024-0727

    Reviewed-by: Tomas Mraz tomas@openssl.org
    Reviewed-by: Hugo Landau hlandau@openssl.org
    Reviewed-by: Neil Horman nhorman@openssl.org
    (Merged from https://github.com/openssl/openssl/pull/23362)

    (cherry picked from commit d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c)

    → <<cset 0c28b80324ad>>
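The NULL-check pattern the cherry-picked commit describes, as an added C example that is not code from this repository or from OpenSSL: it models a PKCS7 ContentInfo with a constructed struct (`pkcs7_ci`, `octet_string`, the `P7_TYPE_*` values and the `unpack_p7data_*` / `demo_*` functions are all assumptions) and shows the pre-fix accessor that dereferences the content pointer after checking only the type, beside the post-fix accessor that also rejects a NULL content.

```c
#include <stdbool.h>
#include <stddef.h>
/* Constructed, simplified model of a PKCS7 ContentInfo (not OpenSSL's own
 * struct): a "type" selector plus a union of content pointers. In DER the
 * content is OPTIONAL, so a valid type can arrive with a NULL content. */
enum p7_type { P7_TYPE_DATA = 1, P7_TYPE_ENCRYPTED = 2 };
typedef struct { const unsigned char *buf; size_t len; } octet_string;
typedef struct {
    enum p7_type type;
    union {
        octet_string *data;  /* selected when type == P7_TYPE_DATA */
        void *encrypted;     /* selected when type == P7_TYPE_ENCRYPTED */
    } d;
} pkcs7_ci;
/* Pre-fix shape: only the type is checked before d.data is dereferenced,
 * so a ContentInfo with type "data" and no content crashes the caller. */
size_t unpack_p7data_vulnerable(const pkcs7_ci *p7)
{
    if (p7->type != P7_TYPE_DATA)
        return 0;
    return p7->d.data->len;  /* NULL dereference when content is absent */
}
/* Post-fix shape: the type check is followed by a NULL check on the
 * selected union member; missing content is reported as a decode error. */
bool unpack_p7data_fixed(const pkcs7_ci *p7, size_t *out_len)
{
    *out_len = 0;
    if (p7->type != P7_TYPE_DATA)
        return false;        /* wrong content type */
    if (p7->d.data == NULL)
        return false;        /* decode error: content missing */
    *out_len = p7->d.data->len;
    return true;
}
/* Constructed inputs: type "data" with NULL content (the crashing case)... */
bool demo_missing_content_rejected(void)
{
    pkcs7_ci ci = { P7_TYPE_DATA, { .data = NULL } };
    size_t n = 99;
    return !unpack_p7data_fixed(&ci, &n) && n == 0;
}
/* ...and type "data" with four bytes of content, which is accepted. */
size_t demo_present_content_len(void)
{
    static const unsigned char raw[4] = { 0x30, 0x02, 0x05, 0x00 };
    octet_string os = { raw, sizeof raw };
    pkcs7_ci ci = { P7_TYPE_DATA, { .data = &os } };
    size_t n = 0;
    return unpack_p7data_fixed(&ci, &n) ? n : 0;
}
```

Calling `unpack_p7data_vulnerable` on the first constructed input would crash, which is the behaviour the commit message describes; the fixed accessor turns the same input into an error return.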