[Pkg-openssl-devel] Bug#1095765: openssl: CVE-2024-12797
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 11 19:11:29 GMT 2025
Source: openssl
Version: 3.4.0-2
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Hi,
The following vulnerability was published for openssl.
CVE-2024-12797[0]:
| Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to
| authenticate a server may fail to notice that the server was not
| authenticated, because handshakes don't abort as expected when the
| SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and
| DTLS connections using raw public keys may be vulnerable to man-in-
| the-middle attacks when server authentication failure is not detected by
| clients. RPKs are disabled by default in both TLS clients and TLS
| servers. The issue only arises when TLS clients explicitly enable
| RPK use by the server, and the server, likewise, enables sending of
| an RPK instead of an X.509 certificate chain. The affected clients
| are those that then rely on the handshake to fail when the server's
| RPK fails to match one of the expected public keys, by setting the
| verification mode to SSL_VERIFY_PEER. Clients that enable server-
| side raw public keys can still find out that raw public key
| verification failed by calling SSL_get_verify_result(), and those
| that do, and take appropriate action, are not affected. This issue
| was introduced in the initial implementation of RPK support in
| OpenSSL 3.2. The FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not
| affected by this issue.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-12797
https://www.cve.org/CVERecord?id=CVE-2024-12797
[1] https://openssl-library.org/news/secadv/20250211.txt
Regards,
Salvatore