openssl: Security fix CVE-2016-7055
There is a carry propagating bug in the Broadwell-specific Montgomery
multiplication procedure that handles input lengths divisible by, but
longer than 256 bits.
External References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055
https://www.openssl.org/news/secadv/20161110.txt
Patch from:
57c4b9f6a2
(From OE-Core rev: 07cfa9e2bceb07f3baf40681f8c57f4d3da0aee5)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
f3c9e66e8d
commit
25078834f7
|
@ -0,0 +1,43 @@
|
|||
From 57c4b9f6a2f800b41ce2836986fe33640f6c3f8a Mon Sep 17 00:00:00 2001
|
||||
From: Andy Polyakov <appro@openssl.org>
|
||||
Date: Sun, 6 Nov 2016 18:33:17 +0100
|
||||
Subject: [PATCH] bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity).
|
||||
|
||||
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
||||
(cherry picked from commit 2fac86d9abeaa643677d1ffd0a139239fdf9406a)
|
||||
|
||||
Upstream-Status: Backport [https://github.com/openssl/openssl/commit/57c4b9f6a2f800b41ce2836986fe33640f6c3f8a]
|
||||
CVE: CVE-2016-7055
|
||||
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
|
||||
---
|
||||
crypto/bn/asm/x86_64-mont.pl | 5 ++---
|
||||
1 file changed, 2 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
|
||||
index 044fd7e..80492d8 100755
|
||||
--- a/crypto/bn/asm/x86_64-mont.pl
|
||||
+++ b/crypto/bn/asm/x86_64-mont.pl
|
||||
@@ -1148,18 +1148,17 @@ $code.=<<___;
|
||||
mulx 2*8($aptr),%r15,%r13 # ...
|
||||
adox -3*8($tptr),%r11
|
||||
adcx %r15,%r12
|
||||
- adox $zero,%r12
|
||||
+ adox -2*8($tptr),%r12
|
||||
adcx $zero,%r13
|
||||
+ adox $zero,%r13
|
||||
|
||||
mov $bptr,8(%rsp) # off-load &b[i]
|
||||
- .byte 0x67
|
||||
mov $mi,%r15
|
||||
imulq 24(%rsp),$mi # "t[0]"*n0
|
||||
xor %ebp,%ebp # xor $zero,$zero # cf=0, of=0
|
||||
|
||||
mulx 3*8($aptr),%rax,%r14
|
||||
mov $mi,%rdx
|
||||
- adox -2*8($tptr),%r12
|
||||
adcx %rax,%r13
|
||||
adox -1*8($tptr),%r13
|
||||
adcx $zero,%r14
|
||||
--
|
||||
2.7.4
|
||||
|
|
@ -40,6 +40,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
|
|||
file://configure-musl-target.patch \
|
||||
file://parallel.patch \
|
||||
file://openssl-util-perlpath.pl-cwd.patch \
|
||||
file://CVE-2016-7055.patch \
|
||||
"
|
||||
SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b"
|
||||
SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"
|
||||
|
|
Loading…
Reference in New Issue