Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security: Privacy leakage in function cyassl_connect_step2() #5626

Open
UVScan opened this issue Sep 2, 2022 · 0 comments
Open

Security: Privacy leakage in function cyassl_connect_step2() #5626

UVScan opened this issue Sep 2, 2022 · 0 comments
Assignees
@j11591

Comments

@UVScan
Copy link

UVScan commented Sep 2, 2022

Affected components

affected source code file: external/curl/vtls/cyassl.c

Attack vector(s)

Missing X509_free() after SSL_get_peer_certificate().
The X509 object must be explicitly freed using X509_free().

Suggested description of the vulnerability for use in the CVE

Privacy leakage vulnerability in cyassl_connect_step2() function in Samsung Electronics TizenRT latest version (and earlier) due to missing X509_free() after SSL_get_peer_certificate().

Discoverer(s)/Credits

UVScan

Reference(s)

https://www.openssl.org/docs/man1.1.1/man3/SSL_get_peer_certificate.html

TizenRT/external/curl/vtls/cyassl.c

Line 545 in f8f776d

x509 = SSL_get_peer_certificate(BACKEND->handle);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@j11591 j11591

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@j11591 @UVScan