32 lines
1.0 KiB
Diff
32 lines
1.0 KiB
Diff
From ec82ef931c5b60618c728c2252086f94f90c05a8 Mon Sep 17 00:00:00 2001
|
|
From: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Tue, 6 May 2025 22:51:41 +0200
|
|
Subject: [PATCH] CVE-2025-5987 libcrypto: Correctly detect failures of chacha
|
|
initialization
|
|
|
|
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
|
|
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
|
|
---
|
|
src/libcrypto.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/libcrypto.c b/src/libcrypto.c
|
|
index 468b63f0..2d0148ad 100644
|
|
--- a/src/libcrypto.c
|
|
+++ b/src/libcrypto.c
|
|
@@ -831,9 +831,9 @@ chacha20_poly1305_set_key(struct ssh_cipher_struct *cipher,
|
|
SSH_LOG(SSH_LOG_TRACE, "EVP_CIPHER_CTX_new failed");
|
|
goto out;
|
|
}
|
|
- ret = EVP_EncryptInit_ex(ctx->header_evp, EVP_chacha20(), NULL,
|
|
+ rv = EVP_EncryptInit_ex(ctx->header_evp, EVP_chacha20(), NULL,
|
|
u8key + CHACHA20_KEYLEN, NULL);
|
|
- if (ret != 1) {
|
|
+ if (rv != 1) {
|
|
SSH_LOG(SSH_LOG_TRACE, "EVP_CipherInit failed");
|
|
goto out;
|
|
}
|
|
--
|
|
2.51.0
|
|
|