Page Menu
Home
FreeBSD
Search
Configure Global Search
Log In
Files
F147607432
D42881.1783873608.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
4 KB
Referenced Files
None
Subscribers
None
D42881.1783873608.diff
View Options
diff --git a/FreeBSD-EN-23:17.ossl b/FreeBSD-EN-23:17.ossl
--- /dev/null
+++ b/FreeBSD-EN-23:17.ossl
@@ -0,0 +1,128 @@
+=============================================================================
+FreeBSD-EN-23:17.ossl Errata Notice
+ The FreeBSD Project
+
+Topic: ossl(4)'s AES-GCM implementation may give incorrect results
+
+Category: core
+Module: ossl
+Announced: 2023-XX-XX
+Affects: FreeBSD 14.0
+Corrected: 2023-XX-XX XX:XX:XX UTC (stable/14, 14.0-STABLE)
+ 2023-XX-XX XX:XX:XX UTC (releng/14.0, 14.0-RELEASE-pXX)
+
+For general information regarding FreeBSD Errata Notices and Security
+Advisories, including descriptions of the fields above, security
+branches, and the following sections, please visit
+<URL:https://security.FreeBSD.org/>.
+
+I. Background
+
+ossl(4) is a kernel module which implements some cryptographic
+operations using implementations derived from OpenSSL and integrated
+into the FreeBSD kernel's OpenCrypto Framework (OCF).
+
+II. Problem Description
+
+ossl(4) contains an implementation of AES-GCM for amd64. This
+implementation does not properly implement some aspects of the OCF
+interface. In particular, ossl(4) AES-GCM sessions are not thread-safe,
+and do not handle an AAD buffer outside of the main plaintext/ciphertext
+buffer. The former bug affects consumers which dispatch multiple
+requests in parallel on a single session, such as ZFS when encrypted
+datasets are configured. External AAD buffers are used by some network
+features such as ktls(4).
+
+III. Impact
+
+On amd64 systems, ossl(4) could give incorrect output for AES-GCM
+operations if consumers trigger either of the bugs described above.
+This could, for example, result in packet loss, if ossl is used to
+encrypt/decrypt tunnelled traffic, or data corruption if ossl is used to
+encrypt/decrypt filesystem data.
+
+Users are not affected by default, as ossl.ko is not loaded by default.
+To be affected, a system must either be running a custom kernel which
+contains ossl(4), or be configured to load ossl.ko via loader.conf(5).
+
+IV. Workaround
+
+Disable the use of ossl(4), either by removing it from loader.conf or
+the kernel configuration, and reboot the system. The built-in aesni(4)
+module implements all of the same operations as ossl.
+
+V. Solution
+
+<insert solution here>
+
+Upgrade your system to a supported FreeBSD stable or release / security
+branch (releng) dated after the correction date.
+[XX Needs reboot? Mention please]
+
+Perform one of the following:
+
+1) To update your system via a binary patch:
+
+Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms,
+or the i386 platfrom on FreeBSD 13 and earlier, can be updated via
+the freebsd-update(8) utility:
+
+# freebsd-update fetch
+# freebsd-update install
+[XX Needs reboot? Mention please]
+
+2) To update your system via a source code patch:
+
+The following patches have been verified to apply to the applicable
+FreeBSD release branches.
+
+a) Download the relevant patch from the location below, and verify the
+detached PGP signature using your PGP utility.
+
+[FreeBSD 12.4]
+# fetch https://security.FreeBSD.org/patches/EN-XX:XX/XXXX.patch
+# fetch https://security.FreeBSD.org/patches/EN-XX:XX/XXXX.patch.asc
+# gpg --verify XXXX.patch.asc
+
+b) Apply the patch. Execute the following commands as root:
+
+# cd /usr/src
+# patch < /path/to/patch
+
+c) Recompile your kernel as described in
+<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
+system.
+
+VI. Correction details
+
+This issue is corrected as of the corresponding Git commit hash or Subversion
+revision number in the following stable and release branches:
+
+Branch/path Hash Revision
+-------------------------------------------------------------------------
+stable/14/ 118b866d9c39 stable/14-n265898
+releng/14.0/ XXXXXXXXXXXX releng/14.0-nXXXXXX
+-------------------------------------------------------------------------
+
+Run the following command to see which files were modified by a
+particular commit:
+
+# git show --stat <commit hash>
+
+Or visit the following URL, replacing NNNNNN with the hash:
+
+<URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN>
+
+To determine the commit count in a working tree (for comparison against
+nNNNNNN in the table above), run:
+
+# git rev-list --count --first-parent HEAD
+
+VII. References
+
+<other info on the problem>
+
+<URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=XXXXXX>
+
+The latest revision of this advisory is available at
+<URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-XX:XX.XXXXX.asc>
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sun, Jul 12, 4:26 PM (2 h, 42 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29097065
Default Alt Text
D42881.1783873608.diff (4 KB)
Attached To
Mode
D42881: FreeBSD-EN-23:17.ossl
Attached
Detach File
Event Timeline
Log In to Comment