Headline
CVE-2021-43666: mbedtls_pkcs12_derivation() can't exit when the input password length is 0. · Issue #5136 · Mbed-TLS/mbedtls
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password’s length is 0.
Summary
I am using mbedtls_pkcs12_derivation(). The test file is as follows:
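    #include <cstdint>
    #include <cstdlib>
    #include <mbedtls/md.h>
    #include <mbedtls/pkcs12.h>

    void PKCS12() {
        int keySize = 95;
        int iterations = 3;
        // Zero-length password: sizeof(password) is 0, the input that triggers the hang.
        // (An empty array initializer relies on a GCC/Clang extension.)
        const uint8_t password[] = {};
        const uint8_t salt[] = {0xda, 0x22, 0x10, 0x3a, 0xce, 0x14, 0xda, 0xaa, 0x38};
        mbedtls_md_type_t md_type = MBEDTLS_MD_NONE;
        uint8_t* out = (uint8_t *)::malloc(keySize);
        if (out == NULL)
            return;
        md_type = MBEDTLS_MD_MD5;
        // With a password length of 0 this call does not return.
        mbedtls_pkcs12_derivation(
            out,
            keySize,
            password,
            sizeof(password),
            salt,
            sizeof(salt),
            md_type,
            MBEDTLS_PKCS12_DERIVE_KEY,
            iterations);
        free(out);
    }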
The program keeps running and cannot exit. Neither a result nor an error is given.
Expected behavior
Exit with a result, or an error code if not supported.
Actual behavior
The function does not exit.
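The following is an added example, not code from the issue or from Mbed TLS. It assumes the hang comes from a repeat-fill loop of the kind PKCS#12 key derivation uses to stretch the password across a block, and shows why a zero-length input never makes progress, next to a guarded form that returns an error instead. The function names, return codes and step budget are constructed for the illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed return codes for this example (not Mbed TLS error values). */
#define FILL_OK          0
#define FILL_BAD_INPUT (-1)
#define FILL_STALLED   (-2)  /* step budget used up: stands in for "never exits" */

/* Unguarded repeat-fill: copy src into dst over and over until dst is full.
 * With src_len == 0 every pass copies 0 bytes, so dst_len never shrinks.
 * max_steps exists only so that this demonstration terminates. */
int fill_unguarded(unsigned char *dst, size_t dst_len,
                   const unsigned char *src, size_t src_len, size_t max_steps)
{
    size_t steps = 0;
    while (dst_len > 0) {
        size_t n = dst_len > src_len ? src_len : dst_len;
        if (++steps > max_steps)
            return FILL_STALLED;
        memcpy(dst, src, n);
        dst += n;
        dst_len -= n;
    }
    return FILL_OK;
}

/* Guarded form: reject input that cannot make progress before looping.
 * Past the check each pass copies at least 1 byte, so the loop is bounded. */
int fill_checked(unsigned char *dst, size_t dst_len,
                 const unsigned char *src, size_t src_len)
{
    if (dst == NULL || src == NULL || src_len == 0)
        return FILL_BAD_INPUT;
    while (dst_len > 0) {
        size_t n = dst_len > src_len ? src_len : dst_len;
        memcpy(dst, src, n);
        dst += n;
        dst_len -= n;
    }
    return FILL_OK;
}

int main(void)
{
    unsigned char out[8];
    const unsigned char empty[1] = {0};  /* constructed; passed with length 0 */
    int stalled = fill_unguarded(out, sizeof out, empty, 0, 1000) == FILL_STALLED;
    int rejected = fill_checked(out, sizeof out, empty, 0) == FILL_BAD_INPUT;
    return (stalled && rejected) ? 0 : 1;
}
```

Returning an error for the empty input matches the issue's expected behavior of exiting with a result or an error code.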
Related news
Gentoo Linux Security Advisory 202301-08
Gentoo Linux Security Advisory 202301-8 - Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could result in arbitrary code execution. Versions less than 2.28.1 are affected.