openvpn/tests
Steffan Karger 607e2fcb9c tls-crypt-v2: Avoid interpreting opcode as part of WKc
The buffer we pass to tls_crypt_v2_extract_client_key contains the
entire received control channel packet. We should skip the opcode before
trying to read WKC.

This logic error is a second bug behind the XlabAI finding, next to the
too-strict ASSERT in tls_crypt_unwrap.

Also remove a too strict ASSERT in tls_crypt_unwrap.  We already check
a few lines later for a too short packet and return a proper error
("packet too short").

XlabAI found a way of triggering this ASSERT that requires a tls-crypt-v2
client key that has a specific property (a specific byte needs to have a
specific value, about 1/256 probability). If an attacker can get hold of
such a tls-crypt-v2 client key or observe a handshake using such a key,
the attacker can trigger the ASSERT, crashing the server. Setups that do
not use tls-crypt-v2 are not affected.

Independently, Cisco Talos reported a way to trigger this ASSERT with any
tls-crypt-v2 key but this requires the attacker to be also in possession
of the private key part of the tls-crypt-v2 client key or to inject packets
into a live session of a client session.

CVE: 2026-35058
Reported-By: XlabAI Team of Tencent Xuanwu Lab (xlabai@tencent.com)
Reported-By: Guannan Wang (wgnbuaa@gmail.com)
Reported-By: Zhanpeng Liu (pkugenuine@gmail.com)
Reported-By: Guancheng Li (lgcpku@gmail.com)
Reported-By: Emma Reuter of Cisco ASIG (TALOS-2026-2381)
Signed-off-by: Steffan Karger <steffan@karger.me>
Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Change-Id: I623733c0476c98f436d19009ee8990693c1579b5
Private-URL: https://github.com/OpenVPN/openvpn-private-issues/issues/111
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit 18270324a5fd43122ca1b8c29b224c5dd5905429)
2026-04-21 08:19:42 +02:00
..
unit_tests tls-crypt-v2: Avoid interpreting opcode as part of WKc 2026-04-21 08:19:42 +02:00
lwip_client_up.sh Add lwip support to t_server_null 2025-03-08 09:49:51 +01:00
Makefile.am Add support for Mbed TLS 4 2026-01-24 18:49:44 +01:00
ntlm_support.c Update Copyright statements to 2026 2026-01-08 10:59:57 +01:00
null_client_up.sh Add t_server_null test suite 2024-06-18 22:41:51 +02:00
t_client.rc-sample t_client.sh: Allow to skip tests 2024-03-08 12:27:05 +01:00
t_client.sh.in t_client.sh: Do not wait 3 seconds for OpenVPN to come up 2025-08-08 07:45:44 +02:00
t_cltsrv-down.sh build: standard directory layout 2012-03-22 22:07:08 +01:00
t_cltsrv.sh Update GPL header in all source files to current recommended version 2025-08-03 16:55:47 +02:00
t_lpback.sh Allow test-crypto to work without the --secret argument 2025-12-22 13:09:24 +01:00
t_net.sh tests: Allow to override openvpn binary used 2023-05-16 17:57:48 +02:00
t_server_null.rc-sample t_server_null: multiple improvements and fixes 2024-07-04 22:26:32 +02:00
t_server_null.sh t_server_null: use wait instead of marker files 2024-10-26 11:50:18 +02:00
t_server_null_client.sh Add lwip support to t_server_null 2025-03-08 09:49:51 +01:00
t_server_null_default.rc Review Changes.rst for 2.7.0 release 2026-02-10 18:40:20 +01:00
t_server_null_server.sh t_server_null: print error when server startup fails 2025-06-18 18:07:13 +02:00
t_server_null_stress.sh t_server_null: multiple improvements and fixes 2024-07-04 22:26:32 +02:00
update_t_client_ips.sh Prevent generation of duplicate EXPECT_IFCONFIG entries 2016-11-08 15:09:52 +01:00