From patchwork Tue Jun 23 06:09:55 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nitin Wankhade X-Patchwork-Id: 90672
From: Nitin Wankhade X-Google-Original-From: Nitin Wankhade To: yocto-patches@lists.yoctoproject.org Cc: nitin.wankhade@kpit.com, Nitin Wankhade Subject: [meta-lts-collab][kirkstone][PATCH V2 1/7] strongswan: Fix CVE-2026-35328 Date: Tue, 23 Jun 2026 11:39:55 +0530 Message-Id: <20260623061001.644583-1-nitin.wankhade@kpit.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Jun 2026 06:10:17 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/4267 From: Nitin Wankhade Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] Signed-off-by: Nitin Wankhade --- .../strongswan/files/CVE-2026-35328.patch | 42 +++++++++++++++++++ .../strongswan/strongswan_5.9.13.bbappend | 4 ++ 2 files changed, 46 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2026-35328.patch create mode 100644 meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2026-35328.patch b/meta-networking/recipes-support/strongswan/files/CVE-2026-35328.patch new file mode 100644 index 0000000..32a23b3 --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2026-35328.patch 
@@ -0,0 +1,42 @@ +From: Tobias Brunner +Date: Wed, 25 Mar 2026 10:17:46 +0100 +Subject: tls-server: Prevent infinite loop if supported versions are too + short + +If the extension doesn't contain a multiple of two bytes, the previous +code would get stuck in an infinite loop as `remaining()` continued to +return TRUE while `read_uint16()` failed to parse a value. Initiating +several connections with such an extension allows a DoS attack as no +threads would eventually be available to handle packets/events. + +Fixes: 7fbe2e27ecf6 ("tls-server: TLS 1.3 support for TLS server implementation") +Fixes: CVE-2026-35328 + +CVE: CVE-2026-35328 +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] +Signed-off-by: Nitin Wankhade +=== +diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c +index 3ad9fd2..7b2238e 100644 +--- a/src/libtls/tls_server.c ++++ b/src/libtls/tls_server.c +@@ -471,15 +471,12 @@ static status_t process_client_hello(private_tls_server_t *this, + bio_reader_t *client_versions; + + client_versions = bio_reader_create(versions); +- while (client_versions->remaining(client_versions)) ++ while (client_versions->read_uint16(client_versions, &version)) + { +- if (client_versions->read_uint16(client_versions, &version)) ++ if (this->tls->set_version(this->tls, version, version)) + { +- if (this->tls->set_version(this->tls, version, version)) +- { +- this->client_version = version; +- break; +- } ++ this->client_version = version; ++ break; + } + } + client_versions->destroy(client_versions); diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend new file mode 100644 index 0000000..9d48481 --- /dev/null +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend 
@@ -0,0 +1,4 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/files:" +SRC_URI += "\ + file://CVE-2026-35328.patch \ +"
From patchwork Tue Jun 23 06:09:56 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nitin Wankhade X-Patchwork-Id: 90673
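Review bot: In the src/libtls/tls_server.c hunk carried by CVE-2026-35328.patch (patch 1/7), the new `while (client_versions->read_uint16(client_versions, &version))` loop exits the same way for an odd-length supported versions extension as for a list in which `set_version()` accepted nothing, so please confirm that the code after `client_versions->destroy(client_versions)` rejects the ClientHello when `this->client_version` was never assigned; that code is outside the context shown and should be checked against 5.9.13. The Upstream-Status tag, both in the patch header and in the commit message, points at a Debian source tarball snapshot rather than a commit, so the backport cannot be compared with its origin without unpacking the archive; please reference the upstream strongSwan commit if it can be identified. The commit message also carries nothing but tags, and a short description of the DoS being fixed would help anyone reading the layer history.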
From: Nitin Wankhade X-Google-Original-From: Nitin Wankhade To: yocto-patches@lists.yoctoproject.org Cc: nitin.wankhade@kpit.com, Nitin Wankhade Subject: [meta-lts-collab][kirkstone][PATCH V2 2/7] strongswan: Fix CVE-2026-35329 Date: Tue, 23 Jun 2026 11:39:56 +0530 Message-Id: <20260623061001.644583-2-nitin.wankhade@kpit.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260623061001.644583-1-nitin.wankhade@kpit.com> References: <20260623061001.644583-1-nitin.wankhade@kpit.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Jun 2026 06:10:27 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/4268 From: Nitin Wankhade Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] Signed-off-by: Nitin Wankhade --- .../strongswan/files/CVE-2026-35329.patch | 57 +++++++++++++++++++ .../strongswan/strongswan_5.9.13.bbappend | 1 + 2 files changed, 58 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2026-35329.patch diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2026-35329.patch b/meta-networking/recipes-support/strongswan/files/CVE-2026-35329.patch new file mode 100644 index 0000000..7c55d43 --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2026-35329.patch 
@@ -0,0 +1,57 @@ +From: Tobias Brunner +Date: Wed, 25 Mar 2026 10:28:45 +0100 +Subject: pkcs5/pkcs7: Avoid NULL pointer dereference when verifying padding + +Can be triggered via empty PKCS#7 encrypted- or enveloped-data content +in IKEv1 CERT payload. + +Fixes: 4076e3ee9121 ("Extract PKCS#5 handling from pkcs8 plugin to separate helper class") +Fixes: d7aa09104f08 ("Implement PKCS#7 enveloped-data parsing and decryption") +Fixes: CVE-2026-35329 + +CVE: CVE-2026-35329 +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] +Patch is refreshed as per the source code version 5.9.13 +Signed-off-by: Nitin Wankhade +=== +diff --git a/src/libstrongswan/crypto/pkcs5.c b/src/libstrongswan/crypto/pkcs5.c +index e48a9ad..134ccd3 100644 +--- a/src/libstrongswan/crypto/pkcs5.c ++++ b/src/libstrongswan/crypto/pkcs5.c +@@ -113,6 +113,11 @@ static bool verify_padding(crypter_t *crypter, chunk_t *blob) + { + uint8_t padding, count; + ++ if (!blob->len) ++ { ++ return FALSE; ++ } ++ + padding = count = blob->ptr[blob->len - 1]; + + if (padding > crypter->get_block_size(crypter)) +diff --git a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c +index 8b26bad..3d601d6 100644 +--- a/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c ++++ b/src/libstrongswan/plugins/pkcs7/pkcs7_enveloped_data.c +@@ -182,10 +182,17 @@ static bool decrypt(private_key_t *private, chunk_t key, chunk_t iv, int oid, + */ + static bool remove_padding(private_pkcs7_enveloped_data_t *this) + { +- u_char *pos = this->content.ptr + this->content.len - 1; +- u_char pattern = *pos; +- size_t padding = pattern; ++ u_char *pos, pattern; ++ size_t padding; + ++ if (!this->content.len) ++ { ++ return FALSE; ++ } ++ ++ pos = this->content.ptr + this->content.len - 1; ++ pattern = *pos; ++ padding = pattern; + if (padding > 
this->content.len) + { + DBG1(DBG_LIB, "padding greater than data length"); diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend index 9d48481..0f167db 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend 
@@ -1,4 +1,5 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/files:" SRC_URI += "\ file://CVE-2026-35328.patch \ + file://CVE-2026-35329.patch \ "
From patchwork Tue Jun 23 06:09:57 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Nitin Wankhade X-Patchwork-Id: 90676
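Review bot: In the pkcs7_enveloped_data.c hunk of CVE-2026-35329.patch (patch 2/7), the new `if (!this->content.len)` branch in remove_padding() returns FALSE without logging, while the check directly below it reports "padding greater than data length" through DBG1; a matching DBG1 for empty content would keep a rejected IKEv1 CERT payload visible in the logs. The `if (!blob->len)` guard added to verify_padding() in pkcs5.c is likewise silent. If the intent is to stay identical to upstream, that is fine, but then the header line "Patch is refreshed as per the source code version 5.9.13" should say whether the refresh changed only context and offsets or also the logic, so reviewers know what to compare.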
From: Nitin Wankhade X-Google-Original-From: Nitin Wankhade To: yocto-patches@lists.yoctoproject.org Cc: nitin.wankhade@kpit.com, Nitin Wankhade Subject: [meta-lts-collab][kirkstone][PATCH V2 3/7] strongswan: Fix CVE-2026-35330 Date: Tue, 23 Jun 2026 11:39:57 +0530 Message-Id: <20260623061001.644583-3-nitin.wankhade@kpit.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260623061001.644583-1-nitin.wankhade@kpit.com> References: <20260623061001.644583-1-nitin.wankhade@kpit.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Jun 2026 06:10:48 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/4269 From: Nitin Wankhade Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] Signed-off-by: Nitin Wankhade --- .../strongswan/files/CVE-2026-35330.patch | 55 +++++++++++++++++++ .../strongswan/strongswan_5.9.13.bbappend | 1 + 2 files changed, 56 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2026-35330.patch diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2026-35330.patch b/meta-networking/recipes-support/strongswan/files/CVE-2026-35330.patch new file mode 100644 index 0000000..0e6227d --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2026-35330.patch 
@@ -0,0 +1,55 @@ +From: =?utf-8?q?Lukas_Johannes_M=C3=B6ller?= +Date: Wed, 11 Mar 2026 16:07:10 +0000 +Subject: libsimaka: Reject zero-length EAP-SIM/AKA attributes +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +parse_attributes() accepts hdr->length == 0 in the AT_ENCR_DATA, +AT_RAND, AT_PADDING, default branches. The code then subtracts the +fixed attribute header size from the encoded length, which underflows +and exposes a wrapped payload length to later code. In particular, +for the cases where add_attribute() is called, this causes a heap-based +buffer overflow (a buffer of 12 bytes is allocated to which the wrapped +length is written). For AT_PADDING, the underflow is irrelevant as +add_attribute() is not called. Instead, this results in an infinite loop. + +Reject zero-length attributes before subtracting the attribute header. + +Signed-off-by: Lukas Johannes Möller + +Fixes: f8330d03953b ("Added a libsimaka library with shared message handling code for EAP-SIM/AKA") +Fixes: CVE-2026-35330 + +CVE: CVE-2026-35330 +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] +Patch is refreshed as per the source code version 5.9.13 +Signed-off-by: Nitin Wankhade +=== +diff --git a/src/libsimaka/simaka_message.c b/src/libsimaka/simaka_message.c +index 6706568..4862048 100644 +--- a/src/libsimaka/simaka_message.c ++++ b/src/libsimaka/simaka_message.c +@@ -416,7 +416,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in) + case AT_ENCR_DATA: + case AT_RAND: + { +- if (hdr->length * 4 > in.len || in.len < 4) ++ if (hdr->length == 0 || hdr->length * 4 > in.len || in.len < 4) + { + return invalid_length(hdr->type); + } +@@ -439,7 +439,7 @@ static bool parse_attributes(private_simaka_message_t *this, chunk_t in) + case AT_PADDING: + default: + { +- if (hdr->length * 4 > in.len || 
in.len < 4) ++ if (hdr->length == 0 || hdr->length * 4 > in.len || in.len < 4) + { + return invalid_length(hdr->type); + } +@@ -932,4 +932,3 @@ simaka_message_t *simaka_message_create(bool request, uint8_t identifier, + return simaka_message_create_data(chunk_create((char*)&hdr, sizeof(hdr)), + crypto); + } +- diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend index 0f167db..527e3b3 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend 
@@ -2,4 +2,5 @@ FILESEXTRAPATHS:prepend := "${THISDIR}/files:" SRC_URI += "\ file://CVE-2026-35328.patch \ file://CVE-2026-35329.patch \ + file://CVE-2026-35330.patch \ "
From patchwork Tue Jun 23 06:09:58 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nitin Wankhade X-Patchwork-Id: 90674
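Review bot: The last hunk of CVE-2026-35330.patch (patch 3/7), `@@ -932,4 +932,3 @@` in src/libsimaka/simaka_message.c, only deletes the blank line at the end of the file and is unrelated to the zero-length check; dropping it would keep the backport limited to the two `hdr->length == 0 ||` changes and avoid a needless conflict on later refreshes. In those two hunks the condition still reads `hdr->length` before it tests `in.len < 4`, as the original line did; if nothing earlier in parse_attributes() guarantees that `in` holds a full attribute header, the `in.len < 4` test belongs first in the expression.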
From: Nitin Wankhade X-Google-Original-From: Nitin Wankhade To: yocto-patches@lists.yoctoproject.org Cc: nitin.wankhade@kpit.com, Nitin Wankhade Subject: [meta-lts-collab][kirkstone][PATCH V2 4/7] strongswan: Fix CVE-2026-35331 Date: Tue, 23 Jun 2026 11:39:58 +0530 Message-Id: <20260623061001.644583-4-nitin.wankhade@kpit.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260623061001.644583-1-nitin.wankhade@kpit.com> References: <20260623061001.644583-1-nitin.wankhade@kpit.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Jun 2026 06:10:27 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/4270 From: Nitin Wankhade Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] Signed-off-by: Nitin Wankhade --- .../strongswan/files/CVE-2026-35331.patch | 157 ++++++++++++++++++ .../strongswan/strongswan_5.9.13.bbappend | 1 + 2 files changed, 158 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2026-35331.patch diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2026-35331.patch b/meta-networking/recipes-support/strongswan/files/CVE-2026-35331.patch new file mode 100644 index 0000000..13a8954 --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2026-35331.patch 
@@ -0,0 +1,157 @@ +From: Tobias Brunner +Date: Mon, 23 Mar 2026 17:45:11 +0100 +Subject: constraints: Case-insensitive matching and reject excluded DN name + constraints + +The case is generally ignored when matching identities. So this is +an issue with excluded name constraints where a malicious intermediate +CA could evade the constraints by issuing certificates with names that +just modify the case (e.g. strongSwan.org instead strongswan.org). + +Note that it's likely that permitted name constraints are preferred over +excluded name constraints as it might be difficult to come up with a +conclusive list of names to exclude. + +With directoryName (DN) name constraints the issue is a bit more comples. +Some RDNs have to be matched in a case-insensitive manner, which we e.g. +do in `identification.c::rdn_equals`. By not doing it for name +constraints, a malicious intermediate CA could evade an excluded name +constraint just by modifying the case in such an RDN. + +While we could use the mentioned function in `dn_matches`, this doesn't +properly fix the problem because the function is basically too strict. +Especially in regards to RDNs of type UTF8String, which are only compared +binary. To match these properly, we'd have to implement the string +preparation described in RFC 5280, section 7.1 and the referenced RFCs. +Until that's the case, we reject excluded name constraints of type +directoryName as we are unable to enforce them. 
+ +Fixes: a2b340764fac ("Implemented NameConstraint matching in constraints plugin") +Fixes: CVE-2026-35331 + +CVE: CVE-2026-35331 +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] +Patch is refreshed as per the source code version 5.9.13 +Signed-off-by: Nitin Wankhade +=== +diff --git a/src/libstrongswan/plugins/constraints/constraints_validator.c b/src/libstrongswan/plugins/constraints/constraints_validator.c +index b1f60fb..a04720a 100644 +--- a/src/libstrongswan/plugins/constraints/constraints_validator.c ++++ b/src/libstrongswan/plugins/constraints/constraints_validator.c +@@ -52,6 +52,18 @@ static bool check_pathlen(x509_t *issuer, int pathlen) + return TRUE; + } + ++/** ++ * Check if the constraint and ID strings match case-insensitively ++ */ ++static bool string_matches(chunk_t constraint, chunk_t id) ++{ ++ /* make sure the two strings have actually the same length */ ++ return constraint.len == id.len && ++ memchr(constraint.ptr, 0, constraint.len) == NULL && ++ memchr(id.ptr, 0, id.len) == NULL && ++ strncasecmp(constraint.ptr, id.ptr, constraint.len) == 0; ++} ++ + /** + * Check if a FQDN constraint matches + */ +@@ -67,7 +79,7 @@ static bool fqdn_matches(identification_t *constraint, identification_t *id) + return FALSE; + } + diff = chunk_create(i.ptr, i.len - c.len); +- if (!chunk_equals(c, chunk_skip(i, diff.len))) ++ if (!string_matches(c, chunk_skip(i, diff.len))) + { + return FALSE; + } +@@ -98,10 +110,10 @@ static bool email_matches(identification_t *constraint, identification_t *id) + } + if (memchr(c.ptr, '@', c.len)) + { /* constraint is a full email address */ +- return chunk_equals(c, i); ++ return string_matches(c, i); + } + diff = chunk_create(i.ptr, i.len - c.len); +- if (!diff.len || !chunk_equals(c, chunk_skip(i, diff.len))) ++ if (!diff.len || !string_matches(c, chunk_skip(i, diff.len))) + { + return FALSE; 
+ } +diff --git a/src/libstrongswan/tests/suites/test_certnames.c b/src/libstrongswan/tests/suites/test_certnames.c +index 3672912..9a25eb6 100644 +--- a/src/libstrongswan/tests/suites/test_certnames.c ++++ b/src/libstrongswan/tests/suites/test_certnames.c +@@ -194,8 +194,10 @@ static struct { + bool good; + } permitted_san[] = { + { ID_FQDN, ".strongswan.org", "test.strongswan.org", TRUE }, ++ { ID_FQDN, ".strongswan.org", "test.strongSwan.org", TRUE }, + { ID_FQDN, "strongswan.org", "test.strongswan.org", TRUE }, + { ID_FQDN, "a.b.c.strongswan.org", "d.a.b.c.strongswan.org", TRUE }, ++ { ID_FQDN, "a.b.c.strongswan.org", "d.A.b.c.strongswan.org", TRUE }, + { ID_FQDN, "a.b.c.strongswan.org", "a.b.c.d.strongswan.org", FALSE }, + { ID_FQDN, "strongswan.org", "strongswan.org.com", FALSE }, + { ID_FQDN, ".strongswan.org", "strongswan.org", FALSE }, +@@ -203,6 +205,8 @@ static struct { + { ID_FQDN, "strongswan.org", "swan.org", FALSE }, + { ID_FQDN, "strongswan.org", "swan.org", FALSE }, + { ID_RFC822_ADDR, "tester@strongswan.org", "tester@strongswan.org", TRUE }, ++ { ID_RFC822_ADDR, "tester@strongswan.org", "tester@strongSwan.org", TRUE }, ++ { ID_RFC822_ADDR, "tester@strongswan.org", "TESTER@strongswan.org", TRUE }, + { ID_RFC822_ADDR, "tester@strongswan.org", "atester@strongswan.org", FALSE }, + { ID_RFC822_ADDR, "strongswan.org", "tester@strongswan.org", TRUE }, + { ID_RFC822_ADDR, "strongswan.org", "tester@test.strongswan.org", FALSE }, +@@ -232,11 +236,11 @@ static struct { + char *subject; + bool good; + } excluded_dn[] = { +- { "C=CH, O=another", "C=CH, O=strongSwan, CN=tester", TRUE }, +- { "C=CH, O=another", "C=CH, O=anot", TRUE }, +- { "C=CH, O=another", "C=CH, O=anot, CN=tester", TRUE }, ++ { "C=CH, O=another", "C=CH, O=strongSwan, CN=tester", FALSE }, ++ { "C=CH, O=another", "C=CH, O=anot", FALSE }, ++ { "C=CH, O=another", "C=CH, O=anot, CN=tester", FALSE }, + { "C=CH, O=another", "C=CH, O=another, CN=tester", FALSE }, +- { "C=CH, O=another", "C=CH, 
CN=tester, O=another", TRUE }, ++ { "C=CH, O=another", "C=CH, CN=tester, O=another", FALSE }, + }; + + START_TEST(test_excluded_dn) +@@ -266,7 +270,9 @@ static struct { + } excluded_san[] = { + { ID_FQDN, ".strongswan.org", "test.strongswan.org", FALSE }, + { ID_FQDN, "strongswan.org", "test.strongswan.org", FALSE }, ++ { ID_FQDN, "strongswan.org", "test.strongSwan.org", FALSE }, + { ID_FQDN, "a.b.c.strongswan.org", "d.a.b.c.strongswan.org", FALSE }, ++ { ID_FQDN, "a.b.c.strongswan.org", "d.a.b.C.strongswan.org", FALSE }, + { ID_FQDN, "a.b.c.strongswan.org", "a.b.c.d.strongswan.org", TRUE }, + { ID_FQDN, "strongswan.org", "strongswan.org.com", TRUE }, + { ID_FQDN, ".strongswan.org", "strongswan.org", TRUE }, +@@ -274,6 +280,7 @@ static struct { + { ID_FQDN, "strongswan.org", "swan.org", TRUE }, + { ID_FQDN, "strongswan.org", "swan.org", TRUE }, + { ID_RFC822_ADDR, "tester@strongswan.org", "tester@strongswan.org", FALSE }, ++ { ID_RFC822_ADDR, "tester@strongswan.org", "TESTER@strongswan.org", FALSE }, + { ID_RFC822_ADDR, "tester@strongswan.org", "atester@strongswan.org", TRUE }, + { ID_RFC822_ADDR, "strongswan.org", "tester@strongswan.org", FALSE }, + { ID_RFC822_ADDR, "strongswan.org", "tester@test.strongswan.org", TRUE }, +@@ -304,7 +311,7 @@ static struct { + char *subject; + bool good; + } permitted_dninh[] = { +- { "C=CH", "C=CH, O=strongSwan", "C=CH, O=strongSwan, CN=tester", TRUE }, ++ { "C=CH", "C=CH, O=strongSwan", "C=CH, O=strongSwan, CN=tester", FALSE }, + { "C=CH", "C=DE, O=strongSwan", "C=CH, O=strongSwan, CN=tester", FALSE }, + { "C=CH, O=strongSwan", "C=CH", "C=CH", FALSE }, + }; +@@ -334,7 +341,7 @@ static struct { + char *subject; + bool good; + } excluded_dninh[] = { +- { "C=CH, O=strongSwan", "C=CH", "C=DE", TRUE }, ++ { "C=CH, O=strongSwan", "C=CH", "C=DE", FALSE }, + { "C=CH, O=strongSwan", "C=DE", "C=CH", FALSE }, + { "C=CH", "C=CH, O=strongSwan", "C=CH, O=strongSwan, CN=tester", FALSE }, + }; 
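Review bot: in test_certnames.c the expectations in excluded_dn, permitted_dninh and excluded_dninh are flipped from TRUE to FALSE, yet the constraints_validator.c part of this patch only changes fqdn_matches() and email_matches() through the new string_matches() helper, so nothing visible here alters DN matching. A case such as { "C=CH, O=another", "C=CH, O=strongSwan, CN=tester", FALSE } now asserts that a subject outside the excluded subtree is rejected. If these flips come from refreshing the patch against 5.9.13, say so in the patch header and name the behaviour they track; otherwise drop them so the backport carries only the case-insensitive SAN cases. A smaller point on string_matches(): strncasecmp() folds case according to the current locale, so a short comment stating that the comparison is expected to run in the C locale would help.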
diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend index 527e3b3..b5d1966 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend 
@@ -3,4 +3,5 @@ SRC_URI += "\ file://CVE-2026-35328.patch \ file://CVE-2026-35329.patch \ file://CVE-2026-35330.patch \ + file://CVE-2026-35331.patch \ "
From patchwork Tue Jun 23 06:09:59 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nitin Wankhade X-Patchwork-Id: 90675
From: Nitin Wankhade X-Google-Original-From: Nitin Wankhade To: yocto-patches@lists.yoctoproject.org Cc: nitin.wankhade@kpit.com, Nitin Wankhade Subject: [meta-lts-collab][kirkstone][PATCH V2 5/7] strongswan: Fix CVE-2026-35332 Date: Tue, 23 Jun 2026 11:39:59 +0530 Message-Id: <20260623061001.644583-5-nitin.wankhade@kpit.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260623061001.644583-1-nitin.wankhade@kpit.com> References: <20260623061001.644583-1-nitin.wankhade@kpit.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Jun 2026 06:10:48 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/4271 From: Nitin Wankhade Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] Signed-off-by: Nitin Wankhade --- .../strongswan/files/CVE-2026-35332.patch | 51 +++++++++++++++++++ .../strongswan/strongswan_5.9.13.bbappend | 1 + 2 files changed, 52 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2026-35332.patch diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2026-35332.patch b/meta-networking/recipes-support/strongswan/files/CVE-2026-35332.patch new file mode 100644 index 0000000..a46479f --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2026-35332.patch 
@@ -0,0 +1,51 @@ +From: Tobias Brunner +Date: Fri, 20 Mar 2026 17:38:07 +0100 +Subject: tls-server: Only accept non-empty ECDH public keys with TLS < 1.3 + +This prevents a crash due to a null-pointer dereference when processing +an empty ECDH public key. + +The previous length check only applied in the `!ec` case, so in the `ec` +case, the access to `pub.ptr[0]` was unguarded. If a crafted TLS +record ends with an empty ClientKeyExchange, then `read_data8` sets +`pub` to `chunk_empty`, causing a null-pointer dereference. + +Note that if some data follows the empty ClientKeyExchange, this just +causes a 1-byte out-of-bounds read that has no further effect as the +TLS session is aborted immediately. Either because the read value +doesn't equal TLS_ANSI_UNCOMPRESSED or because the empty public key +is rejected by `set_public_key()`. + +The referenced commit that introduced the pointer access, added the +check for `pub.len` specifically to the `!ec` case, while the pointer +access was initially unconditional (probably because the code was just +copied from `tls_peer.c` which processes ECDH public keys in a separate +function, so there was no `ec` flag). The latter was fixed a couple of +days later with 7b3c01845f63 ("Read the compression type byte for EC +groups, only"). However, that commit didn't change the length check. +Anyway, it's possible that the original intention was to add the check +to the `ec` case on the previous line, or that there was some confusion +with the parenthesis and something like the current code was intended to +begin with. 
+ +Fixes: e6cce7ff0d1b ("Prepend point format to ECDH public key") +Fixes: CVE-2026-35332 + +CVE: CVE-2026-35332 +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] +Patch is refreshed as per the source code version 5.9.13 +Signed-off-by: Nitin Wankhade +=== +diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c +index 7b2238e..bffc01c 100644 +--- a/src/libtls/tls_server.c ++++ b/src/libtls/tls_server.c +@@ -857,7 +857,7 @@ static status_t process_key_exchange_dhe(private_tls_server_t *this, + group = this->dh->get_method(this->dh); + ec = key_exchange_is_ecdh(group); + if ((ec && !reader->read_data8(reader, &pub)) || +- (!ec && (!reader->read_data16(reader, &pub) || pub.len == 0))) ++ (!ec && !reader->read_data16(reader, &pub)) || pub.len == 0) + { + DBG1(DBG_TLS, "received invalid Client Key Exchange"); + this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR); diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend index b5d1966..1e90b1c 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend 
@@ -4,4 +4,5 @@ SRC_URI += "\ file://CVE-2026-35329.patch \ file://CVE-2026-35330.patch \ file://CVE-2026-35331.patch \ + file://CVE-2026-35332.patch \ "
From patchwork Tue Jun 23 06:10:00 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Nitin Wankhade X-Patchwork-Id: 90677
From: Nitin Wankhade X-Google-Original-From: Nitin Wankhade To: yocto-patches@lists.yoctoproject.org Cc: nitin.wankhade@kpit.com, Nitin Wankhade Subject: [meta-lts-collab][kirkstone][PATCH V2 6/7] strongswan: Fix CVE-2026-35333 Date: Tue, 23 Jun 2026 11:40:00 +0530 Message-Id: <20260623061001.644583-6-nitin.wankhade@kpit.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260623061001.644583-1-nitin.wankhade@kpit.com> References: <20260623061001.644583-1-nitin.wankhade@kpit.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Jun 2026 06:10:48 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/4272 From: Nitin Wankhade Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] Signed-off-by: Nitin Wankhade --- .../strongswan/files/CVE-2026-35333.patch | 41 +++++++++++++++++++ .../strongswan/strongswan_5.9.13.bbappend | 1 + 2 files changed, 42 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2026-35333.patch diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2026-35333.patch b/meta-networking/recipes-support/strongswan/files/CVE-2026-35333.patch new file mode 100644 index 0000000..0233ebf --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2026-35333.patch 
@@ -0,0 +1,41 @@ +From: =?utf-8?q?Lukas_Johannes_M=C3=B6ller?= +Date: Thu, 12 Mar 2026 10:24:45 +0000 +Subject: libradius: Reject undersized attributes in enumerator +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +attribute_enumerate() accepts RADIUS attributes whose length byte is +smaller than sizeof(rattr_t) (2). For length == 0, the iterator never +advances and traps callers — including verify() — in a non-advancing +loop. For length == 1, misaligned packed-struct reads occur. + +Add a separate check for this->next->length < sizeof(rattr_t) after +the existing truncation guard. This mirrors radius_message_parse(), +which already distinguishes invalid length from truncation. + +Signed-off-by: Lukas Johannes Möller + +Fixes: 4a6b84a93461 ("reintegrated eap-radius branch into trunk") +Fixes: CVE-2026-35333 + +CVE: CVE-2026-35333 +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] +Signed-off-by: Nitin Wankhade +=== +diff --git a/src/libradius/radius_message.c b/src/libradius/radius_message.c +index 8e2db0c..2bbbb48 100644 +--- a/src/libradius/radius_message.c ++++ b/src/libradius/radius_message.c +@@ -261,6 +261,11 @@ METHOD(enumerator_t, attribute_enumerate, bool, + DBG1(DBG_IKE, "RADIUS message truncated"); + return FALSE; + } ++ if (this->next->length < sizeof(rattr_t)) ++ { ++ DBG1(DBG_IKE, "RADIUS attribute has invalid length"); ++ return FALSE; ++ } + *type = this->next->type; + data->ptr = this->next->value; + data->len = this->next->length - sizeof(rattr_t); diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend index 1e90b1c..ecc7788 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend 
+++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend 
@@ -5,4 +5,5 @@ SRC_URI += "\ file://CVE-2026-35330.patch \ file://CVE-2026-35331.patch \ file://CVE-2026-35332.patch \ + file://CVE-2026-35333.patch \ "
From patchwork Tue Jun 23 06:10:01 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Nitin Wankhade X-Patchwork-Id: 90678
From: Nitin Wankhade X-Google-Original-From: Nitin Wankhade To: yocto-patches@lists.yoctoproject.org Cc: nitin.wankhade@kpit.com, Nitin Wankhade Subject: [meta-lts-collab][kirkstone][PATCH V2 7/7] strongswan: Fix CVE-2026-35334 Date: Tue, 23 Jun 2026 11:40:01 +0530 Message-Id: <20260623061001.644583-7-nitin.wankhade@kpit.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20260623061001.644583-1-nitin.wankhade@kpit.com> References: <20260623061001.644583-1-nitin.wankhade@kpit.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 23 Jun 2026 06:10:48 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/yocto-patches/message/4273 From: Nitin Wankhade Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] Signed-off-by: Nitin Wankhade --- .../strongswan/files/CVE-2026-35334.patch | 244 ++++++++++++++++++ .../strongswan/strongswan_5.9.13.bbappend | 1 + 2 files changed, 245 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2026-35334.patch diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2026-35334.patch b/meta-networking/recipes-support/strongswan/files/CVE-2026-35334.patch new file mode 100644 index 0000000..cb6777a --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2026-35334.patch 
@@ -0,0 +1,244 @@ +From: Tobias Brunner +Date: Tue, 24 Mar 2026 18:00:23 +0100 +Subject: gmp: Avoid crash and timing leaks in PKCS#1 v1.5 decryption padding + validation +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +This fixes a potential crash due to a null-pointer dereference if rsadp() +returns NULL (e.g. with an all-zero ciphertext). + +And it also implements the PKCS#1 v1.5 decryption padding check in +constant time. + +The timing leak caused by the previous implementation was measured at +~17.5 μs at 3 GHz, which could allow a Bleichenbacher-like attack in +LAN environments. However, because of how RSA encryption is used in +strongSwan, this is not that much of an issue in practice. The mechanism +is only used for two use cases. One is SCEP/EST via PKCS#7 enveloped +data. Fortunately, this can not be triggered in significant numbers by +an attacker. The other use case is TLS as used by EAP methods (EAP-TLS, +EAP-PEAP/TTLS) during the authentication. While the cipher suites that +use RSA encryption are still enabled by default, the TLS messages are +wrapped in EAP and encrypted by IKE, making any kind of attack difficult. + +Note that the gmp plugin isn't enabled anymore by default. And even +before that, most setups had the openssl plugin enabled, which has +priority over the gmp plugin. So it's unlikely the plugin was used in +practice. + +Also note that this patch doesn't modify libstrongswan's Makefile.am +to avoid potentially requiring autotools when patching a tarball. 
+ +Fixes: d615ffdcf3cd ("implement gmp_rsa_private_key.decrypt()") +Fixes: CVE-2026-35334 + +CVE: CVE-2026-35334 +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-security-debug/20260422T125423Z/pool/updates/main/s/strongswan/strongswan_6.0.1-6%2Bdeb13u5.debian.tar.xz] +Signed-off-by: Nitin Wankhade +=== +diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c +index 47784b6..08c5eee 100644 +--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c ++++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c +@@ -495,8 +495,8 @@ METHOD(private_key_t, decrypt, bool, + private_gmp_rsa_private_key_t *this, encryption_scheme_t scheme, + void *params, chunk_t crypto, chunk_t *plain) + { +- chunk_t em, stripped; +- bool success = FALSE; ++ chunk_t em; ++ u_int valid, i, j, found_sep = 0, sep_index = 0, m_index; + + if (scheme != ENCRYPT_RSA_PKCS1) + { +@@ -505,33 +505,51 @@ METHOD(private_key_t, decrypt, bool, + return FALSE; + } + /* rsa decryption using PKCS#1 RSADP */ +- stripped = em = rsadp(this, crypto); ++ em = rsadp(this, crypto); ++ if (em.len != this->k) ++ { ++ return FALSE; ++ } + +- /* PKCS#1 v1.5 8.1 encryption-block formatting (EB = 00 || 02 || PS || 00 || D) */ ++ /* PKCS#1 v1.5, RFC 8017, section 7.2.2 message structure: ++ * EM = 00 || 02 || PS || 00 || M */ + + /* check for hex pattern 00 02 in decrypted message */ +- if ((*stripped.ptr++ != 0x00) || (*(stripped.ptr++) != 0x02)) ++ valid = constant_time_eq(em.ptr[0], 0x00); ++ valid &= constant_time_eq(em.ptr[1], 0x02); ++ ++ /* the plaintext data starts after first 0x00 byte */ ++ for (i = 2; i < em.len; i++) + { +- DBG1(DBG_LIB, "incorrect padding - probably wrong rsa key"); +- goto end; ++ u_int zero = constant_time_eq(em.ptr[i], 0x00); ++ ++ sep_index = constant_time_select(i, sep_index, ~found_sep & zero); ++ found_sep |= zero; + } +- stripped.len -= 2; + +- /* the plaintext data starts after first 0x00 byte */ +- 
while (stripped.len-- > 0 && *stripped.ptr++ != 0x00) ++ /* make sure PS is at least eight bytes long (plus the initial bytes) */ ++ valid &= constant_time_ge(sep_index, 10); + +- if (stripped.len == 0) ++ /* instead of copying the message directly, we try not to reveal the message ++ * length i.e. where the 0x00 byte was. and since clearing a chunk is ++ * relatively efficient, i.e. doesn't leak much, we always allocate and copy ++ * a value and then clear it if the structure was invalid */ ++ m_index = constant_time_select(sep_index + 1, 11, valid); ++ ++ *plain = chunk_alloc(this->k); ++ for (i = 0, j = 0; i < em.len; i++) + { +- DBG1(DBG_LIB, "no plaintext data"); +- goto end; ++ plain->ptr[j] = em.ptr[i]; ++ j += constant_time_ge(i, m_index); + } ++ plain->len = j; + +- *plain = chunk_clone(stripped); +- success = TRUE; +- +-end: ++ if (!valid) ++ { ++ chunk_clear(plain); ++ } + chunk_clear(&em); +- return success; ++ return valid; + } + + METHOD(private_key_t, get_keysize, int, +diff --git a/src/libstrongswan/utils/utils.h b/src/libstrongswan/utils/utils.h +index 40fe76a..80199a9 100644 +--- a/src/libstrongswan/utils/utils.h ++++ b/src/libstrongswan/utils/utils.h +@@ -53,6 +53,7 @@ + #include "utils/atomics.h" + #include "utils/align.h" + #include "utils/byteorder.h" ++#include "utils/constant_time.h" + #include "utils/string.h" + #include "utils/memory.h" + #include "utils/strerror.h" +diff --git a/src/libstrongswan/utils/utils/constant_time.h b/src/libstrongswan/utils/utils/constant_time.h +new file mode 100644 +index 0000000..30a8549 +--- /dev/null ++++ b/src/libstrongswan/utils/utils/constant_time.h +@@ -0,0 +1,103 @@ ++/* ++ * Copyright (C) 2026 Tobias Brunner ++ * ++ * Copyright (C) secunet Security Networks AG ++ * ++ * This program is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by the ++ * Free Software Foundation; either version 2 of the License, or (at your ++ * option) 
any later version. See . ++ * ++ * This program is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++ * for more details. ++ */ ++ ++/** ++ * @defgroup constant_time_i constant_time ++ * @{ @ingroup constant_time_i ++ */ ++ ++#ifndef CONSTANT_TIME_H_ ++#define CONSTANT_TIME_H_ ++ ++#include ++ ++/** ++ * Check if the given values are not equal in constant time. ++ * ++ * @param x first value to check ++ * @param y second value to check ++ * @return 1 if values are not equal, 0 otherwise ++ */ ++static inline u_int constant_time_neq(uint32_t x, uint32_t y) ++{ ++ return ((x-y) | (y-x)) >> 31; ++} ++ ++/** ++ * Check if the given values are equal in constant time. ++ * ++ * @param x first value to check ++ * @param y second value to check ++ * @return 1 if values are equal, 0 otherwise ++ */ ++static inline u_int constant_time_eq(uint32_t x, uint32_t y) ++{ ++ return 1 ^ constant_time_neq(x, y); ++} ++ ++/** ++ * Compare the two values and return 1 if the first argument is lower than ++ * the second in constant time. ++ * ++ * @param x first value to check ++ * @param y second value to check ++ * @return 1 if first value is lower than second ++ */ ++static inline u_int constant_time_lt(uint32_t x, uint32_t y) ++{ ++ return (x ^ ((x^y) | ((x-y) ^ y))) >> 31; ++} ++ ++/** ++ * Compare the two values and return 1 if the first argument greater or equal to ++ * the second in constant time. ++ * ++ * @param x first value to check ++ * @param y second value to check ++ * @return 1 if first value is greater or equal to the second ++ */ ++static inline u_int constant_time_ge(uint32_t x, uint32_t y) ++{ ++ return 1 ^ constant_time_lt(x, y); ++} ++ ++/** ++ * Return a 32-bit all bit-set mask if the given value is not 0. 
++ * ++ * @param x value to check ++ * @return 0xffffffff if value is != 0, 0 otherwise ++ */ ++static inline uint32_t constant_time_mask(uint32_t x) ++{ ++ return -(uint32_t)constant_time_neq(x, 0); ++} ++ ++/** ++ * Select one of two values depending on whether the condition is != 0 or not. ++ * Basically equivalent to 'c ? x : y'. ++ * ++ * @param x first value to select ++ * @param y second value to select ++ * @param c condition ++ * @return x if c is != 0, y otherwise ++ */ ++static inline uint32_t constant_time_select(uint32_t x, uint32_t y, uint32_t c) ++{ ++ uint32_t m = constant_time_mask(c); ++ return (x & m) | (y & ~m); ++} ++ ++#endif /** CONSTANT_TIME_H_ @} */ diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend index ecc7788..ce3f750 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bbappend @@ -6,4 +6,5 @@ SRC_URI += "\ file://CVE-2026-35331.patch \ file://CVE-2026-35332.patch \ file://CVE-2026-35333.patch \ + file://CVE-2026-35334.patch \ "
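Review bot: for [PATCH V2 5/7] (CVE-2026-35332.patch), the Upstream-Status line in the patch header points at a Debian source tarball snapshot rather than at the strongSwan commit being backported, so the one-line change in process_key_exchange_dhe() cannot be compared against its origin directly. Please cite the upstream commit, and give the recipe commit a short description of its own; it currently carries only the Upstream-Status and Signed-off-by lines. On the change itself, moving pub.len == 0 to the end of the || chain is safe only because short-circuit evaluation guarantees that one of the two reads has succeeded before pub.len is inspected; a one-line comment saying the check covers both the ec and !ec branches would keep a later edit from regrouping the parentheses again.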
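Review bot: for [PATCH V2 6/7] (CVE-2026-35333.patch), the new check in attribute_enumerate() reads this->next->length, which is safe only if the guard just above has already established that at least sizeof(rattr_t) bytes remain; the hunk context shows only the tail of that guard ("RADIUS message truncated"). Unlike the CVE-2026-35331 and CVE-2026-35332 patches, this header has no "Patch is refreshed as per the source code version 5.9.13" line, so please confirm that the guard in 5.9.13 matches the tree the fix was written against, or state that the patch applied without a refresh.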
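Review bot: for [PATCH V2 7/7] (CVE-2026-35334.patch), the new early exit in decrypt(), "if (em.len != this->k) return FALSE;", returns without chunk_clear(&em). That is harmless when rsadp() yields an empty chunk, which is the case the commit message describes, but if it can ever return a non-empty chunk of another length the decrypted data is neither wiped nor freed; calling chunk_clear(&em) before the return costs nothing. There is also a behaviour change worth a sentence in the commit message: the removed code had a "no plaintext data" rejection for an empty message, whereas the new copy loop returns success with plain->len == 0 when the 0x00 separator is the last byte of the block.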