git.ipfire.org Git - thirdparty/openssl.git/commit

]> git.ipfire.org Git - thirdparty/openssl.git/commit

projects / thirdparty / openssl.git / commit

author	Viktor Dukhovni <openssl-users@dukhovni.org>
	Thu, 11 Sep 2025 16:10:12 +0000 (18:10 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Mon, 29 Sep 2025 09:57:36 +0000 (11:57 +0200)
commit	9c462be2cea54ebfc62953224220b56f8ba22a0c
tree	f5dc1bbda38a38d4acd5508b9d435aba7bedde93	tree \| snapshot
parent	3206bb708246a97b281133009a419fb7421971d9	commit \| diff

kek_unwrap_key(): Fix incorrect check of unwrapped key size

Fixes CVE-2025-9230

The check is off by 8 bytes so it is possible to overread by
up to 8 bytes and overwrite up to 4 bytes.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

crypto/cms/cms_pwri.c

diff | blob | blame | history

Mirror of https://github.com/openssl/openssl.git

RSS Atom