22.0.0.SPC6
This section describes the issues that are resolved by the patch for Kunpeng BoostKit 22.0.0.SPC6 Confidential Computing TrustZone Kit.
| Trouble Ticket No. | DTS: DTS2023053101061; Vulnerability ID: HWPSIRT-2023-33676 |
|---|---|
| Description | Condition: the application passes untrusted data to the OpenSSL function OBJ_obj2txt(), either directly or through one of the OpenSSL subsystems (OCSP, PKCS7/SMIME, CMS, CMP/CRMF, TS) that translate OBJECT IDENTIFIERs to text without a message size limit. Symptom: processing a crafted OBJECT IDENTIFIER takes a very long time. Impact: denial of service in the affected application. The product ships OpenSSL 1.1.1n, which is affected by CVE-2023-2650. |
| Severity | Major |
| Cause Analysis | An OBJECT IDENTIFIER is a series of sub-identifiers, most of which have no size limit. When one sub-identifier is very large (absurdly large, taking up tens or hundreds of KiB of encoded data), translating it to its decimal text form may take a very long time: the time complexity is O(n^2), where n is the size of the sub-identifier in bytes. A crafted OBJECT IDENTIFIER can therefore cause a denial of service. |
| Solution | Incorporate the upstream vulnerability fix into the open source OpenSSL component and rebuild the TEE OS firmware with it. |
| Impact | The defect is rectified; no other impact is imposed. |
| Test Case | |
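The quadratic cost described under Cause Analysis, modelled as an added Python example that is not OpenSSL's code and not part of this release note. It builds a DER-encoded OBJECT IDENTIFIER with one oversized sub-identifier (constructed test data), converts it to dotted-decimal text the way a bignum-to-text path does while counting digit operations, and shows that doubling the sub-identifier roughly quadruples the work. The size cap `MAX_SUBID_BYTES` is an assumed value chosen for illustration, not the limit used by the upstream fix; the point is that the check runs before the expensive conversion.

```python
"""CVE-2023-2650 cost model: why OBJ_obj2txt() is O(n^2) and how a size cap helps.

Added example, not OpenSSL's or Kunpeng BoostKit's code.  The DER bytes are
constructed inline; MAX_SUBID_BYTES is an assumed illustrative limit, not the
exact value used by the upstream fix.
"""

MAX_SUBID_BYTES = 32  # assumption for illustration; no real OID arc needs this much


def encode_oid(arcs):
    """DER-encode the contents octets of an OBJECT IDENTIFIER (no tag/length).

    The first two arcs are merged as 40*a0 + a1; each sub-identifier is then
    written base-128, high bit set on every byte except the last.
    """
    if len(arcs) < 2:
        raise ValueError("an OID needs at least two arcs")
    subids = [40 * arcs[0] + arcs[1]] + list(arcs[2:])
    out = bytearray()
    for value in subids:
        chunk = [value & 0x7F]
        value >>= 7
        while value:
            chunk.append(0x80 | (value & 0x7F))
            value >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def _split_subids(der):
    """Split contents octets into the raw byte run of each sub-identifier."""
    runs, start = [], 0
    for i, b in enumerate(der):
        if not b & 0x80:
            runs.append(der[start:i + 1])
            start = i + 1
    if start != len(der):
        raise ValueError("truncated sub-identifier")
    return runs


def _base128_to_decimal(run):
    """Convert one sub-identifier to decimal the way a bignum-to-text path does.

    Every input byte multiplies the running value by 128 and adds seven bits;
    the decimal digit buffer is O(n) long and is rewritten for each of the n
    input bytes, so the total work is O(n^2).  Returns (text, digit_operations).
    """
    digits = [0]  # little-endian decimal digits
    ops = 0
    for b in run:
        carry = b & 0x7F
        for i in range(len(digits)):
            v = digits[i] * 128 + carry
            digits[i], carry = v % 10, v // 10
            ops += 1
        while carry:
            digits.append(carry % 10)
            carry //= 10
            ops += 1
    return "".join(str(d) for d in reversed(digits)), ops


def obj2txt(der, max_subid_bytes=None):
    """Render contents octets as dotted decimal, modelling OBJ_obj2txt().

    max_subid_bytes=None is the unpatched behaviour: every sub-identifier is
    converted no matter how large.  With a cap, an oversized sub-identifier is
    rejected before the quadratic conversion runs.  Returns (text, total_ops).
    """
    runs = _split_subids(der)
    if max_subid_bytes is not None:
        for run in runs:
            if len(run) > max_subid_bytes:
                raise ValueError("sub-identifier of %d bytes exceeds cap of %d"
                                 % (len(run), max_subid_bytes))
    values, total = [], 0
    for run in runs:
        text, ops = _base128_to_decimal(run)
        values.append(text)
        total += ops
    first = int(values[0])  # the merged first arc pair is small in any real OID
    head = [str(first // 40), str(first % 40)] if first < 80 else ["2", str(first - 80)]
    return ".".join(head + values[1:]), total


def hostile_oid(subid_bytes):
    """Constructed attack input: OID 1.2.<huge>, last arc spanning subid_bytes bytes."""
    return encode_oid([1, 2, 1 << (7 * subid_bytes - 1)])


def growth_ratio(n):
    """Work for a 2n-byte arc divided by work for an n-byte arc; about 4 for O(n^2)."""
    _, small = obj2txt(hostile_oid(n))
    _, large = obj2txt(hostile_oid(2 * n))
    return large / small


if __name__ == "__main__":
    print(obj2txt(encode_oid([1, 2, 840, 113549, 1, 1, 11]))[0])
    print("doubling the arc multiplies the work by %.2f" % growth_ratio(256))
    try:
        obj2txt(hostile_oid(4096), max_subid_bytes=MAX_SUBID_BYTES)
    except ValueError as exc:
        print("rejected:", exc)
```

The cap is applied to the encoded length of each sub-identifier, which is known from the DER bytes before any arithmetic is done, so a hostile input is rejected in O(n) time. Real OIDs pass unchanged: sha256WithRSAEncryption (1.2.840.113549.1.1.11) needs at most three bytes per arc.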