Source: openssl Version: 3.1.4-2 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 3.0.11-1~deb12u2
Hi, The following vulnerability was published for openssl. CVE-2023-6129[0]: | Issue summary: The POLY1305 MAC (message authentication code) | implementation contains a bug that might corrupt the internal state | of applications running on PowerPC CPU based platforms if the CPU | provides vector instructions. Impact summary: If an attacker can | influence whether the POLY1305 MAC algorithm is used, the | application state might be corrupted with various application | dependent consequences. The POLY1305 MAC (message authentication | code) implementation in OpenSSL for PowerPC CPUs restores the | contents of vector registers in a different order than they are | saved. Thus the contents of some of these vector registers are | corrupted when returning to the caller. The vulnerable code is used | only on newer PowerPC processors supporting the PowerISA 2.07 | instructions. The consequences of this kind of internal application | state corruption can be various - from no consequences, if the | calling application does not depend on the contents of non-volatile | XMM registers at all, to the worst consequences, where the attacker | could get complete control of the application process. However | unless the compiler uses the vector registers for storing pointers, | the most likely consequence, if any, would be an incorrect result of | some application dependent calculations or a crash leading to a | denial of service. The POLY1305 MAC algorithm is most frequently | used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption | with associated data) algorithm. The most common usage of this AEAD | cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is | enabled on the server a malicious client can influence whether this | AEAD cipher is used. This implies that TLS server applications using | OpenSSL can be potentially impacted. However we are currently not | aware of any concrete application that would be affected by this | issue therefore we consider this a Low severity security issue. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-6129 https://www.cve.org/CVERecord?id=CVE-2023-6129 [1] https://www.openssl.org/news/secadv/20240109.txt Regards, Salvatore
