Fix for CVE-2019-6486
This commit is contained in:
Jakub Čajka
parent
bc69b83b00
commit
8ae8c86871
|
|
@ -0,0 +1,39 @@
|
|||
From 193c16a3648b8670a762e925b6ac6e074f468a20 Mon Sep 17 00:00:00 2001
|
||||
From: Filippo Valsorda <filippo@golang.org>
|
||||
Date: Tue, 22 Jan 2019 16:02:41 -0500
|
||||
Subject: [PATCH] crypto/elliptic: reduce subtraction term to prevent long busy loop
|
||||
|
||||
If beta8 is unusually large, the addition loop might take a very long
|
||||
time to bring x3-beta8 back positive.
|
||||
|
||||
This would lead to a DoS vulnerability in the implementation of the
|
||||
P-521 and P-384 elliptic curves that may let an attacker craft inputs
|
||||
to ScalarMult that consume excessive amounts of CPU.
|
||||
|
||||
This fixes CVE-2019-6486.
|
||||
|
||||
Fixes #29903
|
||||
|
||||
Change-Id: Ia969e8b5bf5ac4071a00722de9d5e4d856d8071a
|
||||
Reviewed-on: https://team-review.git.corp.google.com/c/399777
|
||||
Reviewed-by: Adam Langley <agl@google.com>
|
||||
Reviewed-by: Julie Qiu <julieqiu@google.com>
|
||||
Reviewed-on: https://go-review.googlesource.com/c/159218
|
||||
Reviewed-by: Julie Qiu <julie@golang.org>
|
||||
---
|
||||
|
||||
diff --git a/src/crypto/elliptic/elliptic.go b/src/crypto/elliptic/elliptic.go
|
||||
index 4fc2b5e..c84657c 100644
|
||||
--- a/src/crypto/elliptic/elliptic.go
|
||||
+++ b/src/crypto/elliptic/elliptic.go
|
||||
@@ -210,8 +210,9 @@
|
||||
|
||||
x3 := new(big.Int).Mul(alpha, alpha)
|
||||
beta8 := new(big.Int).Lsh(beta, 3)
|
||||
+ beta8.Mod(beta8, curve.P)
|
||||
x3.Sub(x3, beta8)
|
||||
- for x3.Sign() == -1 {
|
||||
+ if x3.Sign() == -1 {
|
||||
x3.Add(x3, curve.P)
|
||||
}
|
||||
x3.Mod(x3, curve.P)
|
||||
|
|
@ -106,7 +106,7 @@
|
|||
|
||||
Name: golang
|
||||
Version: 1.12
|
||||
Release: 0.beta2.1%{?dist}
|
||||
Release: 0.beta2.2%{?dist}
|
||||
Summary: The Go Programming Language
|
||||
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
|
||||
License: BSD and Public Domain
|
||||
|
|
@ -183,6 +183,7 @@ Requires: go-srpm-macros
|
|||
|
||||
Patch1: 0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch
|
||||
Patch2: 0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch
|
||||
Patch3: CVE-2019-6486.patch
|
||||
|
||||
# Having documentation separate was broken
|
||||
Obsoletes: %{name}-docs < 1.1-4
|
||||
|
|
@ -308,6 +309,7 @@ Requires: %{name} = %{version}-%{release}
|
|||
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
|
||||
cp %{SOURCE1} ./src/runtime/
|
||||
|
||||
|
|
@ -546,6 +548,10 @@ fi
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Sun Jan 27 2019 Jakub Čajka <jcajka@redhat.com> - 1.12-0.beta2.2
|
||||
- Fix for CVE-2019-6486
|
||||
- Resolves: BZ#1668973
|
||||
|
||||
* Fri Jan 11 2019 Jakub Čajka <jcajka@redhat.com> - 1.12-0.beta2.1
|
||||
- Rebase to go1.12beta2
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue