From 8ae8c86871630f7133efb9074efd16764ea0e413 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20=C4=8Cajka?= Date: Tue, 29 Jan 2019 12:52:29 +0100 Subject: [PATCH] Fix for CVE-2019-6486 --- CVE-2019-6486.patch | 39 +++++++++++++++++++++++++++++++++++++++ golang.spec | 8 +++++++- 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 CVE-2019-6486.patch diff --git a/CVE-2019-6486.patch b/CVE-2019-6486.patch new file mode 100644 index 0000000..5091d32 --- /dev/null +++ b/CVE-2019-6486.patch @@ -0,0 +1,39 @@ +From 193c16a3648b8670a762e925b6ac6e074f468a20 Mon Sep 17 00:00:00 2001 +From: Filippo Valsorda +Date: Tue, 22 Jan 2019 16:02:41 -0500 +Subject: [PATCH] crypto/elliptic: reduce subtraction term to prevent long busy loop + +If beta8 is unusually large, the addition loop might take a very long +time to bring x3-beta8 back positive. + +This would lead to a DoS vulnerability in the implementation of the +P-521 and P-384 elliptic curves that may let an attacker craft inputs +to ScalarMult that consume excessive amounts of CPU. + +This fixes CVE-2019-6486. + +Fixes #29903 + +Change-Id: Ia969e8b5bf5ac4071a00722de9d5e4d856d8071a +Reviewed-on: https://team-review.git.corp.google.com/c/399777 +Reviewed-by: Adam Langley +Reviewed-by: Julie Qiu +Reviewed-on: https://go-review.googlesource.com/c/159218 +Reviewed-by: Julie Qiu +--- + +diff --git a/src/crypto/elliptic/elliptic.go b/src/crypto/elliptic/elliptic.go +index 4fc2b5e..c84657c 100644 +--- a/src/crypto/elliptic/elliptic.go ++++ b/src/crypto/elliptic/elliptic.go +@@ -210,8 +210,9 @@ + + x3 := new(big.Int).Mul(alpha, alpha) + beta8 := new(big.Int).Lsh(beta, 3) ++ beta8.Mod(beta8, curve.P) + x3.Sub(x3, beta8) +- for x3.Sign() == -1 { ++ if x3.Sign() == -1 { + x3.Add(x3, curve.P) + } + x3.Mod(x3, curve.P) diff --git a/golang.spec b/golang.spec index 6c8b1aa..3ba1d70 100644 --- a/golang.spec +++ b/golang.spec @@ -106,7 +106,7 @@ Name: golang Version: 1.12 -Release: 0.beta2.1%{?dist} +Release: 0.beta2.2%{?dist} Summary: The Go Programming Language # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain License: BSD and Public Domain @@ -183,6 +183,7 @@ Requires: go-srpm-macros Patch1: 0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch Patch2: 0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch +Patch3: CVE-2019-6486.patch # Having documentation separate was broken Obsoletes: %{name}-docs < 1.1-4 @@ -308,6 +309,7 @@ Requires: %{name} = %{version}-%{release} %patch1 -p1 %patch2 -p1 +%patch3 -p1 cp %{SOURCE1} ./src/runtime/ @@ -546,6 +548,10 @@ fi %endif %changelog +* Sun Jan 27 2019 Jakub Čajka - 1.12-0.beta2.2 +- Fix for CVE-2019-6486 +- Resolves: BZ#1668973 + * Fri Jan 11 2019 Jakub Čajka - 1.12-0.beta2.1 - Rebase to go1.12beta2