Fix CVE-2026-41989: Denial of Service and buffer overflow via crafted ECDH ciphertext

Resolves: RHEL-182718
This commit is contained in:
Jakub Jelen 2026-06-26 15:36:17 +02:00
parent 0b15f0c508
commit bcc94d5bba
2 changed files with 43 additions and 0 deletions

View File

@ -0,0 +1,40 @@
From 5ba63ec41a6e734c9ff82e20e4f84ac94c59ae27 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Fri, 10 Apr 2026 16:58:57 +0900
Subject: [PATCH] cipher:ecc: Fix decoding a point on Montgomery curve.
* cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix the padding
mistake and add updating RAWMPILEN.
--
Reported by Calif.io in collaboration with Claude and Anthropic
Research.
GnuPG-bug-id: 8211
Fixes-commit: bbe15758c893dbf546416c1a6bccdad1ab000ad7
Suggested-by: Bronson Yen <bronson@calif.io>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
cipher/ecc-misc.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/cipher/ecc-misc.c b/cipher/ecc-misc.c
index 0c387c27..be4e2862 100644
--- a/cipher/ecc-misc.c
+++ b/cipher/ecc-misc.c
@@ -324,7 +324,10 @@ _gcry_ecc_mont_decodepoint (gcry_mpi_t pk, mpi_ec_t ctx, mpi_point_t result)
*--p = *buf++;
if (rawmpilen < nbytes)
- memset (rawmpi + nbytes - rawmpilen, 0, nbytes - rawmpilen);
+ {
+ memset (rawmpi + rawmpilen, 0, nbytes - rawmpilen);
+ rawmpilen = nbytes;
+ }
}
else
{
--
2.54.0

View File

@ -88,6 +88,8 @@ Patch22: libgcrypt-1.10.0-marvin.patch
Patch23: libgcrypt-1.10.0-marvin2.patch
# https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/19/
Patch24: libgcrypt-1.10.0-marvin3.patch
# https://dev.gnupg.org/T8211.html
Patch25: libgcrypt-1.11.0-montgomery-zeroes.patch
%global gcrylibdir %{_libdir}
%global gcrysoname libgcrypt.so.20
@ -145,6 +147,7 @@ applications using libgcrypt.
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%build
# This package has a configure test which uses ASMs, but does not link the