[Ubuntu 20.04] OpenSSL bugs in the s390x AES code
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu on IBM z Systems |
Fix Released
|
High
|
Skipper Bug Screeners | ||
openssl (Ubuntu) |
Fix Released
|
Undecided
|
Canonical Foundations Team | ||
Bionic |
Fix Released
|
Undecided
|
Canonical Foundations Team | ||
Focal |
Fix Released
|
Undecided
|
Canonical Foundations Team | ||
Hirsute |
Fix Released
|
Undecided
|
Canonical Foundations Team | ||
Impish |
Fix Released
|
Undecided
|
Canonical Foundations Team |
Bug Description
Problem description:
When passing a NULL key to reset AES EVC state, the state wouldn't be completely reset on s390x.
https:/
Solution available here:
https:/
Should be applied to all distros where openssl 1.1.1 is included for consistency reason.
-> 21.10, 20.04, 18.04.
I think not needed for 16.04 anymore....
[Test plan]
$ sudo apt install libssl-dev
$ gcc test.c -o evc-test -lcrypto -lssl # See https:/
$ ./evc-test && echo OK
[Where problems could occur]
This patch only touches s390x code paths, so there shouldn't be any regression on other architectures. However, on s390x this could reveal
latent bugs by spreading a NULL key to new code paths.
tags: | added: architecture-s39064 bugnameltc-193272 severity-high targetmilestone-inin2004 |
Changed in ubuntu: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
affects: | ubuntu → linux (Ubuntu) |
affects: | linux (Ubuntu) → openssl (Ubuntu) |
Changed in ubuntu-z-systems: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
Changed in openssl (Ubuntu): | |
assignee: | Skipper Bug Screeners (skipper-screen-team) → Canonical Foundations Team (canonical-foundations) |
Changed in ubuntu-z-systems: | |
importance: | Undecided → High |
status: | New → Triaged |
tags: | added: fr-1444 |
Changed in ubuntu-z-systems: | |
status: | Triaged → In Progress |
Changed in ubuntu-z-systems: | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | Fix Committed → Fix Released |
Default Comment by Bridge