upstream/openvpn
1
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2026-05-28 04:03:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
openvpn/tests
History
Steffan Karger 0dc820fe1d tls-crypt-v2: Avoid interpreting opcode as part of WKc 
The buffer we pass to tls_crypt_v2_extract_client_key contains the
entire received control channel packet. We should skip the opcode before
trying to read WKC.

This logic error is a second bug behind the XlabAI finding, next too the
too-strict ASSERT in tls_crypt_unwrap.

Also remove a too strict ASSERT in tls_crypt_unwrap.  We already check
a few lines later for a too short packet and return a proper error
("packet too short").

XlabAI found a way of triggering this ASSERT that requires a tls-crypt-v2
client key that has a specific property (a specific byte need to have a
specific value, about 1/256 probability). If an attacker can get hold of
such a tls-crypt-v2 client key or observe a handshake using such a key,
the attacker can trigger the ASSERT, crashing the server. Setups that do
not use tls-crypt-v2 are not affected.

Independently, Cisco Talos reported a way to trigger this ASSERT with any
tls-crypt-v2 key but this requires the attacker to be also in possession
of the private key part of the tls-crypt-v2 client key or to inject packet
into a live session of a client session.

CVE: 2026-35058
Reported-By: XlabAI Team of Tencent Xuanwu Lab (xlabai@tencent.com)
Reported-By: Guannan Wang (wgnbuaa@gmail.com
Reported-By: Zhanpeng Liu (pkugenuine@gmail.com)
Reported-By: Guancheng Li (lgcpku@gmail.com)
Reported-By: Emma Reuter of Cisco ASIG (TALOS-2026-2381)
Signed-off-by: Steffan Karger <steffan@karger.me>
Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Change-Id: I623733c0476c98f436d19009ee8990693c1579b5
Private-URL: https://github.com/OpenVPN/openvpn-private-issues/issues/111
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 18270324a5fd43122ca1b8c29b224c5dd5905429)
2026-04-22 09:16:23 +02:00
..
unit_tests tls-crypt-v2: Avoid interpreting opcode as part of WKc 2026-04-22 09:16:23 +02:00
Makefile.am Update Copyright statements to 2024 2024-03-18 18:49:36 +01:00
ntlm_support.c Update Copyright statements to 2024 2024-03-18 18:49:36 +01:00
t_client.rc-sample t_client.sh: Allow to skip tests 2024-03-11 17:17:55 +01:00
t_client.sh.in tests: Allow to override openvpn binary used 2025-12-08 22:37:24 +01:00
t_cltsrv-down.sh build: standard directory layout 2012-03-22 22:07:08 +01:00
t_cltsrv.sh tests: Allow to override openvpn binary used 2025-12-08 22:37:24 +01:00
t_lpback.sh tests: Allow to override openvpn binary used 2025-12-08 22:37:24 +01:00
t_net.sh tests: Allow to override openvpn binary used 2025-12-08 22:37:24 +01:00
update_t_client_ips.sh Prevent generation of duplicate EXPECT_IFCONFIG entries 2016-11-08 15:09:52 +01:00