[Bug 1714640] [NEW] CVE-2017-14032 - certificate authentication bypass
Launchpad Bug Tracker
1714640 at bugs.launchpad.net
Wed Sep 6 20:29:00 UTC 2017
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by James Cowgill (jcowgill):
The following security bug was published for mbedtls:
[Vulnerability]
If a malicious peer supplies an X.509 certificate chain that has more
than MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (which by default is
8), it could bypass authentication of the certificates, when the
authentication mode was set to 'optional', e.g.
MBEDTLS_SSL_VERIFY_OPTIONAL. The issue could be triggered remotely by
both the client and server sides.
If the authentication mode, which can be set by the function
mbedtls_ssl_conf_authmode(), was set to 'required', e.g.
MBEDTLS_SSL_VERIFY_REQUIRED which is the default, authentication would
occur normally as intended.
[Impact]
Depending on the platform, an attack exploiting this vulnerability could
allow successful impersonation of the intended peer and permit
man-in-the-middle attacks.
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02
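The following is an added illustrative model, not mbed TLS source, of the decision the TLS layer makes after chain verification in 'optional' versus 'required' mode, and of why an application that correctly checks the verification flags still accepted an over-long chain. It assumes that a chain exceeding the intermediate limit is reported through an error return value with no verification flags set, and that the fix restricts the errors tolerated in optional mode to the flag-carrying "verify failed" result; all constants and function names are placeholders.

```c
/* Added model of the authmode decision (not mbed TLS code).
 * Assumption: an over-long chain yields a non-zero return with no
 * verification flags set. Constants are placeholders, not the library's. */
#include <stdint.h>

#define AUTHMODE_REQUIRED 2
#define AUTHMODE_OPTIONAL 1

#define ERR_CERT_VERIFY_FAILED  (-1)   /* details are carried in the flags */
#define ERR_X509_FATAL          (-2)   /* e.g. too many intermediates; no flags */

#define FLAG_NOT_TRUSTED    0x01u
#define MAX_INTERMEDIATE_CA 8          /* default MBEDTLS_X509_MAX_INTERMEDIATE_CA */

struct verify_outcome { int ret; uint32_t flags; };

/* Model of chain verification: only the depth rule and the trust flag. */
static struct verify_outcome verify_chain(int n_intermediates, int trusted)
{
    struct verify_outcome o = { 0, 0 };
    if (n_intermediates > MAX_INTERMEDIATE_CA) {
        o.ret = ERR_X509_FATAL;        /* error returned, flags left at zero */
        return o;
    }
    if (!trusted) {
        o.flags |= FLAG_NOT_TRUSTED;
        o.ret = ERR_CERT_VERIFY_FAILED;
    }
    return o;
}

/* Handshake decision: 0 continues, non-zero aborts. 'hardened' selects the
 * post-fix rule: optional mode tolerates only the flag-carrying failure. */
static int parse_certificate(int authmode, struct verify_outcome o,
                             int hardened, uint32_t *verify_result)
{
    *verify_result = o.flags;
    if (authmode == AUTHMODE_OPTIONAL) {
        if (!hardened) return 0;       /* vulnerable: every error discarded */
        if (o.ret == ERR_CERT_VERIFY_FAILED) return 0;
    }
    return o.ret;
}

/* Application-side rule: proceed only if the handshake succeeded and the
 * mbedtls_ssl_get_verify_result()-style flags are clear. Returns 1 if the
 * peer would be accepted, 0 otherwise. */
int peer_accepted(int authmode, int n_intermediates, int trusted, int hardened)
{
    uint32_t flags;
    int ret = parse_certificate(authmode, verify_chain(n_intermediates, trusted),
                                hardened, &flags);
    return ret == 0 && flags == 0;
}
```

With nine untrusted intermediates the vulnerable optional-mode path returns success with zero flags, so even a diligent flag check accepts the peer; required mode and the hardened rule both reject it.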
As far as I can tell, mbed TLS in xenial, zesty and artful is affected.
No version of polarssl is affected.
** Affects: mbedtls (Ubuntu)
Importance: Undecided
Status: Confirmed
** Affects: mbedtls (Debian)
Importance: Unknown
Status: Fix Released
** Tags: patch
--
CVE-2017-14032 - certificate authentication bypass
https://bugs.launchpad.net/bugs/1714640
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.