git: c4c0bd4d0102 - stable/12 - heimdal: Fix CVE-2022-4152, signature validation error

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Cy Schubert <cy_at_FreeBSD.org>
Date: Fri, 10 Mar 2023 20:32:32 UTC
The branch stable/12 has been updated by cy:

URL: https://cgit.FreeBSD.org/src/commit/?id=c4c0bd4d0102feef22157491538b78c0e894b1aa

commit c4c0bd4d0102feef22157491538b78c0e894b1aa
Author:     Cy Schubert <cy@FreeBSD.org>
AuthorDate: 2023-03-10 01:03:52 +0000
Commit:     Cy Schubert <cy@FreeBSD.org>
CommitDate: 2023-03-10 04:07:43 +0000

    heimdal: Fix CVE-2022-4152, signature validation error
    
    When CVE-2022-3437 was fixed by changing memcmp to be a constant
    time and the workaround for th e compiler was to add "!=0". However
    the logic implmented was inverted resulting in CVE-2022-4152.
    
    Reported by:    Timothy E Zingelman <zingelman _AT_ fnal.gov>
    Security:       CVE-2022-4152
    Security:       https://www.cve.org/CVERecord?id=CVE-2022-45142
    Security:       https://nvd.nist.gov/vuln/detail/CVE-2022-45142
    Security:       https://security-tracker.debian.org/tracker/CVE-2022-45142
    Security:       https://bugs.gentoo.org/show_bug.cgi?id=CVE-2022-45142
    Security:       https://bugzilla.samba.org/show_bug.cgi?id=15296
    Security:       https://www.openwall.com/lists/oss-security/2023/02/08/1
    
    (cherry picked from commit 5abaf0866445a61c11665fffc148ecd13a7bb9ac)
---
 crypto/heimdal/lib/gssapi/krb5/arcfour.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/heimdal/lib/gssapi/krb5/arcfour.c b/crypto/heimdal/lib/gssapi/krb5/arcfour.c
index 3b8d452877dd..7d1143c95d83 100644
--- a/crypto/heimdal/lib/gssapi/krb5/arcfour.c
+++ b/crypto/heimdal/lib/gssapi/krb5/arcfour.c
@@ -307,7 +307,7 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status,
 	return GSS_S_FAILURE;
     }
 
-    cmp = (ct_memcmp(cksum_data, p + 8, 8) == 0);
+    cmp = (ct_memcmp(cksum_data, p + 8, 8) != 0);
     if (cmp) {
 	*minor_status = 0;
 	return GSS_S_BAD_MIC;
@@ -695,7 +695,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status,
 	return GSS_S_FAILURE;
     }
 
-    cmp = (ct_memcmp(cksum_data, p0 + 16, 8) == 0); /* SGN_CKSUM */
+    cmp = (ct_memcmp(cksum_data, p0 + 16, 8) != 0); /* SGN_CKSUM */
     if (cmp) {
 	_gsskrb5_release_buffer(minor_status, output_message_buffer);
 	*minor_status = 0;