fenwii / OpenHarmony

Technical exchange for the development of Huawei's open-source distributed operating system OpenHarmony (华为开源鸿蒙分布式操作系统): the most complete HarmonyOS technical resource library, manuals and guides, jointly building a new "everything connected" ecosystem for a domestic operating system.

[Bug Report]: Patch for CVE-2018-9988 & CVE-2019-16910 in reused component mbedtls

ltcdCai opened this issue · comments

Contact Details
weitingcai2020@gmail.com

What happened?
Using V1SCAN (a tool that scans for 1-day vulnerabilities present in reused code), I found that the files ssl_cli.c and ecdsa.c under the folder Harmonykernel/KAL/LiteOS/Huawei_LiteOS/components/security/mbedtls/mbedtls-2.6.0/library in your project may contain vulnerabilities. The relevant reference links are as follows:

CVE-2019-16910 in ecdsa.c:
The trigger logic is similar to GHSA-jg4p-c829-4q39
NVD description link:
https://nvd.nist.gov/vuln/detail/CVE-2019-16910
Fix commit link:
Mbed-TLS/mbedtls@027f84c

Since this results mainly from reusing a file from an older version, it is recommended to update it to the latest version.

CVE-2018-9988 in ssl_cli.c:
The trigger logic is similar to GHSA-h9j8-4v77-hmr3
NVD description link:
https://nvd.nist.gov/vuln/detail/CVE-2018-9988
Fix commit link:
Mbed-TLS/mbedtls@33f66ba#diff-2fdf7c956098af4050cf1b26e4b5291e6aafab8e8682aa3fcab978baffa3c86c

Replace line 2476, `if( end != p + sig_len )`, with the following line:
`if( p != end - sig_len )`

Considering the potential risk, I am willing to work with you to verify, resolve and report the discovered vulnerabilities in a responsible and timely manner. If you need any further information or assistance, please feel free to contact me. If needed, I can also submit a PR to help you fix it. Thank you, and I look forward to hearing from you soon!
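As an added example (not code from the reporter, from this repository or from mbedtls): the signature-length check that the CVE-2018-9988 patch above touches, written so that the parser compares the count of remaining bytes `end - p` against the declared length instead of forming `p + sig_len`, so no pointer is ever computed beyond the buffer however hostile the length field is. The record layout assumed here (a 2-byte big-endian length followed by exactly that many signature bytes, which must finish the message) and the sample records are constructed for the example; the function names are the example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not mbedtls code: parse the length-prefixed signature that
 * ends a TLS ServerKeyExchange body. Every bound is checked as a count of
 * remaining bytes (end - p); the code never forms p + len, so it cannot
 * create a pointer past the buffer even for a hostile length field. */

typedef struct {
    const uint8_t *sig;   /* start of the signature inside the input buffer */
    size_t sig_len;       /* declared and verified length */
} sig_field;

/* Returns 0 and fills *out on success, -1 on a malformed field.
 * Assumed layout: 2-byte big-endian length, then exactly that many bytes,
 * which must finish the record (the end-of-message check). */
int parse_sig_field(const uint8_t *p, const uint8_t *end, sig_field *out)
{
    if (p == NULL || end == NULL || end < p)
        return -1;

    /* The length prefix itself needs two bytes; read nothing before checking. */
    if ((size_t)(end - p) < 2)
        return -1;
    size_t sig_len = ((size_t)p[0] << 8) | p[1];
    p += 2;

    /* Remaining bytes must equal the declared length: fewer means the record
     * is truncated, more means trailing data after the signature. */
    if ((size_t)(end - p) != sig_len)
        return -1;

    out->sig = p;
    out->sig_len = sig_len;
    return 0;
}

/* Convenience wrapper: returns the verified signature length, or -1. */
int sig_len_of_record(const uint8_t *buf, size_t n)
{
    sig_field f;
    if (parse_sig_field(buf, buf + n, &f) != 0)
        return -1;
    return (int)f.sig_len;
}

/* Constructed sample records (not captured traffic). */
const uint8_t rec_ok[]        = { 0x00, 0x03, 'a', 'b', 'c' };  /* well-formed */
const uint8_t rec_short[]     = { 0x00, 0x05, 'a', 'b' };       /* claims 5 bytes, has 2 */
const uint8_t rec_trailing[]  = { 0x00, 0x01, 'a', 'b' };       /* extra byte after sig */
const uint8_t rec_prefix[]    = { 0x00 };                       /* only half a length */
const uint8_t rec_empty_sig[] = { 0x00, 0x00 };                 /* zero-length sig, no data */

int main(void)
{
    printf("ok=%d short=%d trailing=%d prefix=%d empty=%d\n",
           sig_len_of_record(rec_ok, sizeof rec_ok),
           sig_len_of_record(rec_short, sizeof rec_short),
           sig_len_of_record(rec_trailing, sizeof rec_trailing),
           sig_len_of_record(rec_prefix, sizeof rec_prefix),
           sig_len_of_record(rec_empty_sig, sizeof rec_empty_sig));
    return 0;
}
```

A zero-length signature passes this structural check (the record is internally consistent); rejecting it is left to the signature verification step, which is where a real TLS client would fail it. The point of the example is only the bounds logic: both the 2-byte prefix read and the body are guarded by a remaining-length comparison that cannot wrap or leave the buffer.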