author | Jack Lloyd <[email protected]> | 2017-07-16 17:29:04 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-07-16 17:29:04 -0400 |
commit | 42bc95cec681a8648d434747a99c5e96e59b7a72 (patch) | |
tree | 681deed487b0596d710c8820220822dd38e05a79 /doc/security.rst | |
parent | 38fe6d3ab3e8a4be2becd5fd0b8c7bb4a8f1e192 (diff) |
Fix failure to fully zero memory before free
Introduced in 455bd2557cbb1343e59eefd97cb449f06a702c28
Found and reported by Roman Pozlevich
Diffstat (limited to 'doc/security.rst')
-rw-r--r-- | doc/security.rst | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/security.rst b/doc/security.rst index 9d08ed8c8..4b755da8d 100644 --- a/doc/security.rst +++ b/doc/security.rst @@ -18,6 +18,19 @@ https://keybase.io/jacklloyd and on most PGP keyservers. 2017 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ +* 2017-07-16: Failure to fully zeroize memory before free + + The secure_allocator type attempts to zeroize memory before freeing it. Due to + a error sometimes only a portion of the memory would be zeroed, because of a + confusion between the number of elements vs the number of bytes that those + elements use. So byte vectors would always be fully zeroed (since the two + notions result in the same value), but for example with an array of 32-bit + integers, only the first 1/4 of the elements would be zeroed before being + deallocated. This may result in information leakage, if an attacker can access + memory on the heap. Reported by Roman Pozlevich. + + Bug introduced in 1.11.10, fixed in 2.2.0 + * 2017-04-04 (CVE-2017-2801): Incorrect comparison in X.509 DN strings Botan's implementation of X.509 name comparisons had a flaw which |
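Review bot: In the added 2017-07-16 entry, "Due to a error" should read "Due to an error". The entry also gives only the 32-bit case ("only the first 1/4 of the elements would be zeroed"); since the cause is described as confusing the element count with the byte count, it would help to state the general rule that only the first 1/sizeof(T) of the buffer was cleared, so readers holding wider element types can see that an even larger share was left intact. Finally, "Bug introduced in 1.11.10, fixed in 2.2.0" could say explicitly that every release in between is affected, to match how a reader will check their installed version.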