Headline
CVE-2022-48570: Release Crypto++ 8.4 release · weidai11/cryptopp
Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally removed for functionality reasons.
Crypto++ 8.4 was released on January 1, 2021. The 8.4 release was a minor, unplanned release. There was no CVEs and one memory error fixed. A recompile of programs is required due to an unintentional ABI break in Crypto++ 8.3.
The Crypto++ 8.4 release reverted the changes for constant-time elliptic curve algorithms. Marcel Keller reported some operations broke under the new algorithm in Issue 992. The revert reactivated CVE-2019-14318.
The release also cleared a memory error reported by Daniel McRobb in Issue 988. McRobb discovered FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned.
Release Notes
- fix SIGILL on POWER8 when compiling with GCC 10
- fix potential out-of-bounds write in FixedSizeAllocatorWithCleanup
- fix compile on AIX POWER7 with IBM XLC 12.01
- fix compile on Solaris with SunCC 12.6
- revert changes for constant-time elliptic curve algorithms
- fix makefile clean and distclean recipes
FIPS DLL deprecation
The FIPS DLL used to be an important artifact for Windows builds. NIST moved the Crypto++ library to the Historical Validation List in 2014. The Windows DLL is no longer validated.
The project files to build the FIPS DLL are cryptdll.vcxproj and dlltest.vcxproj. The projects are now deprecated and subject to removal.