Merge pull request #1279 from gilles-peskine-arm/memory_allocation_cleanup_psa_crypto_rsa-changelog-3.6

Backport 3.6: Changelog entry for the RSA memory leak (+ extra changelog fixes)
David Horstmann 2024-08-22 15:45:07 +01:00 committed by GitHub
commit d8d5353218
GPG Key ID: B5690EEEBB952194
2 changed files with 5 additions and 2 deletions

@ -1,9 +1,9 @@
Security
* With TLS 1.3, when a server enables optional authentication of the
client, if the client-provided certificate does not have appropriate values
in if keyUsage or extKeyUsage extensions, then the return value of
in keyUsage or extKeyUsage extensions, then the return value of
mbedtls_ssl_get_verify_result() would incorrectly have the
MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits
MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits
clear. As a result, an attacker that had a certificate valid for uses other
than TLS client authentication could be able to use it for TLS client
authentication anyway. Only TLS 1.3 servers were affected, and only with
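
Review bot: The context lines "an attacker that had a certificate valid for uses other than TLS client authentication could be able to use it" still read awkwardly, and since this change is already correcting the wording of this Security entry it would be worth tightening them to "may be able to use it" in the same pass. The two corrections themselves look right: the stray "if" in "in if keyUsage" is dropped, and the second flag now reads MBEDTLS_X509_BADCERT_EXT_KEY_USAGE instead of repeating MBEDTLS_X509_BADCERT_KEY_USAGE, which matters because readers will search the changelog for the exact bit they test in the result of mbedtls_ssl_get_verify_result().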

@ -0,0 +1,3 @@
Bugfix
* Fix a memory leak that could occur when failing to process an RSA
key through some PSA functions due to low memory conditions.
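
Review bot: "through some PSA functions" in the new entry is too vague for a user to decide whether their code is affected; please name the functions or at least the kind of operation (import, export, sign, and so on) that could leak. The trailing "due to low memory conditions" is also ambiguous, since it can be read as the cause of the leak rather than the cause of the processing failure; something like "Fix a memory leak that could occur when some PSA functions failed to process an RSA key because of a memory allocation failure" removes the ambiguity. It would also help to confirm that filing this under Bugfix rather than Security is deliberate, given that the same changelog carries a Security section.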