Allele Security Alert
ASA-2019-00158
Identifier(s)
ASA-2019-00158, CVE-2019-3829, GNUTLS-SA-2019-03-27
Title
Use-after-free/double-free in certificate verification
Vendor(s)
The GnuTLS Project
Product(s)
GnuTLS
Affected version(s)
GnuTLS 3.5.8 or later
Fixed version(s)
GnuTLS 3.6.7
Proof of concept
Yes
Description
A flaw was found in GnuTLS 3.5.8 or later: a use-after-free in multi-threaded clients and a double free in single-threaded clients, because _gnutls_x509_get_signature does not clear signature->data in its cleanup path.
Technical details
This is a critical memory corruption vulnerability in any API backed by verify_crt(), including gnutls_x509_trust_list_verify_crt() and related routines. I suspect any client or server that verifies X.509 certificates with GnuTLS is likely affected and can be compromised by a malicious server or active network attacker.
In multi-threaded clients this is a use-after-free vulnerability; in single-threaded clients it is a double free.
The core bug is that _gnutls_x509_get_signature does not clear signature->data in the cleanup path:
lib/x509/common.c

cleanup:
	gnutls_free(signature->data); // <- pointer in datum parameter freed, but not cleared
	return result;
}
Callers like check_if_ca assume that if _gnutls_x509_get_signature ever sets that parameter, then it can be safely freed, but that is not true:
lib/x509/verify.c

	ret = _gnutls_x509_get_signature(cert->cert, "signature", &cert_signature);
	if (ret < 0) {
		gnutls_assert();
		goto fail;
	}
	// ...
fail:
	result = 0;
cleanup:
	_gnutls_free_datum(&cert_signed_data);
	_gnutls_free_datum(&issuer_signed_data);
	_gnutls_free_datum(&cert_signature); // <--- freed again
	_gnutls_free_datum(&issuer_signature);
	return result;
}
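As an added illustration (not GnuTLS code), the following C model reproduces the two-function pattern above: an out-parameter datum is freed on the callee's error path but left dangling, and the caller's cleanup frees it again. It assumes a constructed single-slot allocation tracker in place of gnutls_malloc/gnutls_free, so the second free is counted instead of corrupting the heap, and a clear_on_fail switch that shows the fix of resetting data and size after the free.

```c
#include <stdlib.h>
/* Minimal stand-in for gnutls_datum_t. */
typedef struct { unsigned char *data; unsigned int size; } datum_t;

/* Constructed tracker standing in for gnutls_malloc/gnutls_free: one live slot is
 * enough here; freeing a pointer that is not live is counted, not passed to free(). */
static void *live;
static int double_free_count;

static void *tracked_malloc(size_t n) { return live ? NULL : (live = malloc(n)); }
static void tracked_free(void *p) {
    if (!p) return;
    if (p == live) { live = NULL; free(p); return; }
    double_free_count++;               /* pointer already freed: double free */
}

/* Same idiom as _gnutls_free_datum: free, then reset both fields. */
static void free_datum(datum_t *d) { tracked_free(d->data); d->data = NULL; d->size = 0; }

/* Model of _gnutls_x509_get_signature: fills the out-parameter, then fails.
 * clear_on_fail == 0 mirrors the vulnerable cleanup, 1 mirrors the fix. */
static int get_signature(datum_t *sig, int clear_on_fail) {
    int result;
    sig->data = tracked_malloc(64);
    if (!sig->data) return -1;
    sig->size = 64;
    result = -1;                       /* constructed: a later decoding step fails */
    if (result < 0) goto cleanup;
    return result;
cleanup:
    tracked_free(sig->data);           /* freed here ... */
    if (clear_on_fail) { sig->data = NULL; sig->size = 0; }  /* ... and cleared only when fixed */
    return result;
}

/* Model of check_if_ca's error path: its cleanup frees the out-parameter again. */
static int check_if_ca(int clear_on_fail) {
    datum_t cert_signature = { NULL, 0 };
    int result = get_signature(&cert_signature, clear_on_fail) < 0 ? 0 : 1;
    free_datum(&cert_signature);       /* second free if data was left dangling */
    return result;
}

/* Number of double frees the caller pattern triggers: 1 vulnerable, 0 fixed. */
int double_frees_for(int clear_on_fail) {
    double_free_count = 0;
    check_if_ca(clear_on_fail);
    return double_free_count;
}
```

The same counting idea is what a heap-hardening allocator or a sanitizer does at scale; here it only shows that the fix is the callee resetting the datum it has freed.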
Credits
Tavis Ormandy (Google Project Zero)
Reference(s)
GnuTLS
https://www.gnutls.org/security-new.html#GNUTLS-SA-2019-03-27
SECURITY: CVE-2019-3829: critical use after free vulnerability in verify_crt()
https://gitlab.com/gnutls/gnutls/issues/694
CVE-2019-3829 - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2019-3829
CVE-2019-3829
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3829
CVE-2019-3829
https://nvd.nist.gov/vuln/detail/CVE-2019-3829
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: March 27, 2019