Fix CVE-2024-2236

Resolves: RHEL-34579

libgcrypt-1.10.0-marvin2.patch

@@ -0,0 +1,156 @@
+From f490ffd739f713fcf0be35b7fbbb8502dea40a0c Mon Sep 17 00:00:00 2001
+From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
+Date: Sat, 3 Jun 2023 13:20:07 +0300
+Subject: [PATCH] addm/subm/mulm: fix case when destination is same MPI as
+ divider
+
+* mpi/mpi-add.c (_gcry_mpi_addm, _gcry_mpi_subm): Take copy of M when
+W and M are the same MPI.
+* mpi/mpi-mul.c (_gcry_mpi_mulm): Likewise.
+* tests/mpitests.c (test_addm_subm_mulm): New.
+(main): Run addm/subm/mulm test.
+--
+
+Reported-by: Guido Vranken <guidovranken@gmail.com>
+Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
+---
+ mpi/mpi-add.c    | 22 ++++++++++++++++++++
+ mpi/mpi-mul.c    | 11 ++++++++++
+ tests/mpitests.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 86 insertions(+)
+
+diff --git a/mpi/mpi-add.c b/mpi/mpi-add.c
+index 41dc3900..51dc71b7 100644
+--- a/mpi/mpi-add.c
++++ b/mpi/mpi-add.c
+@@ -227,13 +227,35 @@ _gcry_mpi_sub(gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v)
+ void
+ _gcry_mpi_addm( gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m)
+ {
++  gcry_mpi_t temp_m = NULL;
++
++  if (w == m)
++    {
++      temp_m = mpi_copy (m);
++      m = temp_m;
++    }
++
+   mpi_add (w, u, v);
+   mpi_mod (w, w, m);
++
++  if (temp_m)
++    mpi_free(temp_m);
+ }
+ 
+ void
+ _gcry_mpi_subm( gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m)
+ {
++  gcry_mpi_t temp_m = NULL;
++
++  if (w == m)
++    {
++      temp_m = mpi_copy (m);
++      m = temp_m;
++    }
++
+   mpi_sub (w, u, v);
+   mpi_mod (w, w, m);
++
++  if (temp_m)
++    mpi_free(temp_m);
+ }
+diff --git a/mpi/mpi-mul.c b/mpi/mpi-mul.c
+index 60f1ca48..e8e57475 100644
+--- a/mpi/mpi-mul.c
++++ b/mpi/mpi-mul.c
+@@ -207,6 +207,17 @@ _gcry_mpi_mul (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v)
+ void
+ _gcry_mpi_mulm (gcry_mpi_t w, gcry_mpi_t u, gcry_mpi_t v, gcry_mpi_t m)
+ {
++  gcry_mpi_t temp_m = NULL;
++
++  if (w == m)
++    {
++      temp_m = mpi_copy (m);
++      m = temp_m;
++    }
++
+   mpi_mul (w, u, v);
+   _gcry_mpi_tdiv_r (w, w, m);
++
++  if (temp_m)
++    mpi_free(temp_m);
+ }
+diff --git a/tests/mpitests.c b/tests/mpitests.c
+index 48ea18b2..2ee08bd3 100644
+--- a/tests/mpitests.c
++++ b/tests/mpitests.c
+@@ -687,6 +687,58 @@ test_powm (void)
+ }
+ 
+ 
++/* What we test here is that using the same mpi for divider and result
++   works.  */
++static int
++test_addm_subm_mulm (void)
++{
++  int i;
++
++  for (i = 0; i < 3; i++)
++    {
++      unsigned int expect;
++      const char *func;
++      gcry_mpi_t A;
++      gcry_mpi_t B;
++      gcry_mpi_t C;
++
++      A = gcry_mpi_set_ui (NULL, 2);
++      B = gcry_mpi_set_ui (NULL, 4);
++      C = gcry_mpi_set_ui (NULL, 7);
++
++      if (i == 0)
++	{
++	  func = "mpi_addm";
++	  expect = 6;
++	  gcry_mpi_addm(C, A, B, C);
++	}
++      else if (i == 1)
++	{
++	  func = "mpi_subm";
++	  expect = 5;
++	  gcry_mpi_subm(C, A, B, C);
++	}
++      else if (i == 2)
++	{
++	  func = "mpi_mulm";
++	  expect = 1;
++	  gcry_mpi_mulm(C, A, B, C);
++	}
++
++      if (gcry_mpi_is_neg (C) || gcry_mpi_cmp_ui (C, expect))
++	{
++	  die ("test_addm_subm_mulm failed for %s at %d\n", func, __LINE__);
++	}
++
++      gcry_mpi_release(A);
++      gcry_mpi_release(B);
++      gcry_mpi_release(C);
++    }
++
++  return 1;
++}
++
++
+ int
+ main (int argc, char* argv[])
+ {
+@@ -710,6 +762,7 @@ main (int argc, char* argv[])
+   test_sub ();
+   test_mul ();
+   test_powm ();
++  test_addm_subm_mulm ();
+ 
+   return !!error_count;
+ }
+-- 
+2.44.0

libgcrypt.spec

@@ -63,6 +63,31 @@ Patch19: libgcrypt-1.10.0-fips-status-sign-verify.patch
 Patch20: libgcrypt-1.10.0-fips-drbg.patch
 # https://dev.gnupg.org/T6417
 Patch21: libgcrypt-1.10.0-fips-indicator-pk-flags.patch
+# a611e3a25d61505698e2bb38ec2db38bc6a74820
+# 34c20427926010d6fa95b1666e4b1b60f60a8742
+# c848459e512615c1865a23cf24debb3ad4a1e85b
+# c31b70b2660c3d24bd54ee08c255c36d867fdea7
+# bd08357436a9559766cd458d25781ee4f94012a2
+# 58b62be844549ad3d57c507d834027f1e2756567
+# 6d1d50ba3aad1850975f717adbedb4cb8b236fa7
+# 1e9ddbd65c4627235611d75c3198c4ec197c9a05
+# 137e35ad47ee8734d0f3ffb6af1d1669c4621e0b
+# 84f934c09afac18b3f4351646c0fe6f93aede277
+# 0c6ec6bbe788b8c4a6982b2128d442b51323c898
+# 22dde5150ee2be01651410ed9756601ba6a29c93
+# 4d3e0e30b98b2acb90acb2792b8327c26824a66f
+# 179df341162c74da312f76363a0ff1f2f303aa78
+# d4aee9ace9a904446b987dddc2999119c4d62dae
+# aab6a42d5f44724b73a02598546a5e7d8b33298e
+# 5c5ba1ec2b505726ee1311339ac9e8b5c62cac4a
+# cf757cf90e9ae966b95dcebfd2f31b9212697f0c
+# c419a04d529af7b5fb43732ec2b4304166c2579a
+# 39d5364a9557d6f423de117601cb1e6414814f47
+Patch22: libgcrypt-1.10.0-marvin.patch
+# f490ffd739f713fcf0be35b7fbbb8502dea40a0c
+Patch23: libgcrypt-1.10.0-marvin2.patch
+# https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/19/
+Patch24: libgcrypt-1.10.0-marvin3.patch
 
 %global gcrylibdir %{_libdir}
 %global gcrysoname libgcrypt.so.20
@@ -117,6 +142,9 @@ applications using libgcrypt.
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
+%patch22 -p1
+%patch23 -p1
+%patch24 -p1
 
 %build
 # This package has a configure test which uses ASMs, but does not link the
@@ -146,6 +174,7 @@ autoreconf -f
      --disable-jent-support \
      --enable-digests="$DIGESTS" \
      --enable-ciphers="$CIPHERS" \
+     --enable-marvin-workaround \
      --with-fips-module-version="$FIPS_MODULE_NAME %{version}-%{srpmhash}"
 sed -i -e '/^sys_lib_dlsearch_path_spec/s,/lib /usr/lib,/usr/lib /lib64 /usr/lib64 /lib,g' libtool
 %make_build