*** This bug is a security vulnerability ***

Public security bug reported:

The following security bug was published for mbedtls:

[Vulnerability]
If a malicious peer supplies an X.509 certificate chain that has more
than MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (which by default is
8), it could bypass authentication of the certificates, when the
authentication mode was set to 'optional', e.g.
MBEDTLS_SSL_VERIFY_OPTIONAL. The issue could be triggered remotely by
both the client and server sides.

If the authentication mode, which can be set by the function
mbedtls_ssl_conf_authmode(), was set to 'required', e.g.
MBEDTLS_SSL_VERIFY_REQUIRED, which is the default, authentication would
occur normally as intended.

[Impact]
Depending on the platform, an attack exploiting this vulnerability could
allow successful impersonation of the intended peer and permit
man-in-the-middle attacks.

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02

As far as I can tell, mbed TLS in xenial, zesty and artful are affected.
No version of polarssl is affected.
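The advisory turns on two points: a depth limit on intermediates must be a verification failure in its own right, and in 'optional' mode the handshake no longer enforces the result, so the application must read the verification flags itself. The C below is an added, constructed model of that logic; it is not mbed TLS code and does not use its headers. The names verify_chain, handshake_verify, application_accepts_peer, the cert struct and the VERIFY_* flag bits are assumptions made for the model; only MBEDTLS_X509_MAX_INTERMEDIATE_CA (default 8), mbedtls_ssl_conf_authmode() and the two authmode constants come from the advisory, and mbedtls_ssl_get_verify_result() is the real mbed TLS call that application_accepts_peer stands in for.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model (not mbed TLS code) of X.509 chain verification with an
 * intermediate-CA limit. Same default depth as MBEDTLS_X509_MAX_INTERMEDIATE_CA. */
#define MAX_INTERMEDIATE_CA 8
#define MAX_CHAIN_LEN 32          /* hypothetical buffer bound used by the model only */

/* Models MBEDTLS_SSL_VERIFY_OPTIONAL / MBEDTLS_SSL_VERIFY_REQUIRED. */
enum authmode { AUTH_OPTIONAL, AUTH_REQUIRED };

/* Verification result flags (constructed names; 0 means fully verified). */
#define VERIFY_OK        0u
#define VERIFY_BAD_CHAIN (1u << 0)   /* a link does not verify, or no trusted root */
#define VERIFY_TOO_DEEP  (1u << 1)   /* more intermediates than the configured limit */

struct cert {
    bool signed_by_next;            /* stand-in for a good signature check against chain[i+1] */
    bool issued_by_trusted_root;    /* stand-in for the top cert chaining to a trust anchor */
};

/* Walk the peer's chain, leaf first. Exceeding the intermediate limit is a
 * verification failure in its own right, never a reason to skip the rest. */
uint32_t verify_chain(const struct cert *chain, size_t len)
{
    if (len == 0)
        return VERIFY_BAD_CHAIN;
    if (len - 1 > MAX_INTERMEDIATE_CA)
        return VERIFY_TOO_DEEP;
    for (size_t i = 0; i + 1 < len; i++)
        if (!chain[i].signed_by_next)
            return VERIFY_BAD_CHAIN;
    return chain[len - 1].issued_by_trusted_root ? VERIFY_OK : VERIFY_BAD_CHAIN;
}

/* Handshake side: REQUIRED aborts on any flag; OPTIONAL continues and leaves the
 * flags for the application (the role mbedtls_ssl_get_verify_result() plays in
 * mbed TLS). Returns 0 to continue the handshake, -1 to abort it. */
int handshake_verify(enum authmode mode, const struct cert *chain, size_t len,
                     uint32_t *out_flags)
{
    uint32_t flags = verify_chain(chain, len);
    *out_flags = flags;
    return (mode == AUTH_REQUIRED && flags != VERIFY_OK) ? -1 : 0;
}

/* Application side: after an OPTIONAL-mode handshake the flags are the only gate. */
bool application_accepts_peer(enum authmode mode, const struct cert *chain, size_t len)
{
    uint32_t flags;
    if (handshake_verify(mode, chain, len, &flags) != 0)
        return false;                /* REQUIRED mode already rejected the peer */
    return flags == VERIFY_OK;       /* OPTIONAL mode: refuse unless verification was clean */
}

/* Build a constructed chain: one leaf plus `intermediates` CAs, optionally with
 * the leaf's signature link broken. Returns the chain length. */
static size_t make_chain(struct cert *buf, size_t intermediates, bool break_link)
{
    size_t len = intermediates + 1;
    if (len > MAX_CHAIN_LEN)
        len = MAX_CHAIN_LEN;
    for (size_t i = 0; i < len; i++) {
        buf[i].signed_by_next = !(break_link && i == 0);
        buf[i].issued_by_trusted_root = (i == len - 1);
    }
    return len;
}

uint32_t verify_constructed_chain(size_t intermediates, bool break_link)
{
    struct cert buf[MAX_CHAIN_LEN];
    size_t len = make_chain(buf, intermediates, break_link);
    return verify_chain(buf, len);
}

bool accepts_constructed_peer(enum authmode mode, size_t intermediates, bool break_link)
{
    struct cert buf[MAX_CHAIN_LEN];
    size_t len = make_chain(buf, intermediates, break_link);
    return application_accepts_peer(mode, buf, len);
}

int main(void)
{
    printf("8 intermediates, valid: flags=%" PRIu32 "\n", verify_constructed_chain(8, false));
    printf("9 intermediates, valid: flags=%" PRIu32 " accepted(optional)=%d\n",
           verify_constructed_chain(9, false),
           accepts_constructed_peer(AUTH_OPTIONAL, 9, false));
    printf("1 intermediate, broken link: flags=%" PRIu32 "\n", verify_constructed_chain(1, true));
    return 0;
}
```

The design choice worth noting is in verify_chain: the depth check returns a non-zero flag rather than returning early with "nothing to verify", so an overlong chain can never look identical to a clean one. With that in place, REQUIRED mode aborts the handshake on its own, and OPTIONAL mode is safe only because application_accepts_peer refuses any non-zero flags; an application in OPTIONAL mode that never consults the flags accepts every peer regardless of what the verifier found.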

** Affects: mbedtls (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: mbedtls (Debian)
     Importance: Unknown
         Status: Unknown

** Information type changed from Private Security to Public Security

** Bug watch added: Debian Bug tracker #873557
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873557

** Also affects: mbedtls (Debian) via
   https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873557
   Importance: Unknown
       Status: Unknown

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14032

-- 
https://bugs.launchpad.net/bugs/1714640

Title:
  CVE-2017-14032 - certificate authentication bypass


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
