6 Replies Latest reply on May 4, 2018 2:54 AM by grsr

    mbedTLS Security Advisory

    axel.lin_1746341

      Hi,

      The WICED-Studio-6.0.1 uses an old version of mbedTLS library (v2.4.0).

      I'm wondering if WICED is impacted by the vulnerabilities below?


      https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01

      https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02

      https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01


      If yes, please include the fix in the upcoming release.


      Thanks.

        • 1. Re: mbedTLS Security Advisory
          axel.lin_1746341

          sdk-6.1 still uses mbedTLS 2.4.0.

          Maybe Cypress can fix this in the next release?

          • 2. Re: mbedTLS Security Advisory
            grsr

            Here is the official statement:


            "As part of WICED 6.2 SDK, we will be upgrading to 2.6.0 that should address the first 2 issues (the third issue does not impact WICED, see note below). We do not plan to upgrade to 2.7.0 yet as it was released just a couple of weeks ago – we would like to wait at least a month or so to see if there are any major glitches before upgrading.


            Freeing of memory allocated on stack when validating a public key with a secp224k1 curve

            >>> As per the security advisory, this issue shall impact WICED. The suggested workaround is to disable MBEDTLS_ECP_DP_SECP224K1_ENABLED in config.h. This issue does not exist in 2.6.0 and should be resolved when we upgrade to 2.6.0 as part of WICED studio 6.2 release.


            Bypass of authentication of peer possible when the authentication mode is configured as 'optional'

            >>> As per the security advisory, this issue will only have an impact if MBEDTLS_SSL_VERIFY_REQUIRED is turned off. However, by default in WICED, we have this MACRO enabled and our recommendation is to keep it enabled. As long as the customer does not alter this value, they are good. Anyway, this issue will also get addressed as part of 2.6.0.


            Risk of remote code execution when truncated HMAC is enabled

            >>> As per the security advisory, this issue will only have an impact if MBEDTLS_SSL_TRUNCATED_HMAC is enabled. We do not have this MACRO enabled in WICED. This issue has been fixed in 2.7.0; however, we are not upgrading to 2.7.0 yet. But as I mentioned, as long as this flag is not enabled, it shouldn’t matter."

            2 of 2 people found this helpful
            • 3. Re: mbedTLS Security Advisory
              axel.lin_1746341

              grsr wrote:


              Here is the official statement:


              "As part of WICED 6.2 SDK, we will be upgrading to 2.6.0 that should address the first 2 issues (the third issue does not impact WICED, see note below). We do not plan to upgrade to 2.7.0 yet as it was released just a couple of weeks ago – we would like to wait at least a month or so to see if there are any major glitches before upgrading.

              Hi grsr,

              Thanks for your response.

              FYI, here is the release note showing what is fixed in 2.7.0.

              https://tls.mbed.org/tech-updates/releases/mbedtls-2.7.0-2.1.10-and-1.3.22-released

              All users affected by one of the issues should update.

              I believe you will find good reasons to use the latest release after checking the security and bugfix sections.

              • 4. Re: mbedTLS Security Advisory
                axel.lin_1746341

                grsr wrote:

                however we are not upgrading to 2.7.0 yet. But as I mentioned, as long as this flag is not enabled, it shouldn’t matter."

                grsr


                Just FYI.

                1. Mbed TLS 2.8.0 was released recently

                2. Mbed TLS 2.7 is a "Long Term Support Branch"

                https://tls.mbed.org/tech-updates/blog/our-next-lts-branch-mbedtls-2.7

                So I would suggest your team at least upgrade to mbedTLS-2.7.2 if you want to get upstream bug fixes.

                I don't think mbed-TLS-2.6 is a good choice, as there are no more maintenance releases for it.

                • 5. Re: mbedTLS Security Advisory
                  axel.lin_1746341

                  grsr


                  FYI, some new vulnerabilities in mbedTLS:


                  CVE-2018-9988

                  Brief description: Buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.

                  upstream patches: ARMmbed/mbedtls@027f84c, ARMmbed/mbedtls@a1098f8

                  NVD link: https://nvd.nist.gov/vuln/detail/CVE-2018-9988


                  CVE-2018-9989

                  Brief description: Buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.

                  upstream patches: ARMmbed/mbedtls@5224a75, ARMmbed/mbedtls@740b218

                  NVD link: https://nvd.nist.gov/vuln/detail/CVE-2018-9989


                  As I suggested before, mbed-tls-2.7.x is a better option as it is a long-term support version.

                  If Cypress decides to use mbed-tls-2.6.0, you will have to patch it yourself or upgrade again.

                  2 of 2 people found this helpful
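An added example, not code from this thread, from Cypress/WICED or from Mbed TLS, that turns the advice in reply 2 (the MBEDTLS_ECP_DP_SECP224K1_ENABLED and MBEDTLS_SSL_TRUNCATED_HMAC switches, and the 'optional' authentication mode) and in replies 4 and 5 (mbedTLS 2.7.2 on the LTS branch as the minimum) into a config audit a practitioner can run over a vendored mbedTLS tree before a release. It assumes the upstream layout (include/mbedtls/config.h and include/mbedtls/version.h under the tree root) and, for the authentication mode, that the application sets it the way upstream mbedTLS does, through mbedtls_ssl_conf_authmode() with MBEDTLS_SSL_VERIFY_REQUIRED / OPTIONAL / NONE; if WICED wraps that call behind its own define, adjust the pattern. The sample trees it builds are constructed here, with the 2.4.0 version number taken from the thread.

```shell
#!/bin/sh
# Added example (not from the thread, Cypress/WICED, or Mbed TLS): audit an
# mbedTLS source tree against the points raised in the thread.
# Assumed layout: $TREE/include/mbedtls/config.h and version.h, application
# sources anywhere below $TREE. The sample trees below are constructed here.

MIN_MAJOR=2; MIN_MINOR=7; MIN_PATCH=2   # LTS minimum suggested in reply 4

# 0 if NAME is an active (uncommented) #define in config.h, 1 otherwise.
macro_enabled() {   # $1 = config.h, $2 = macro name
    grep -Eq "^[[:space:]]*#define[[:space:]]+$2([[:space:]]|$)" "$1"
}

# Print the x.y.z value of MBEDTLS_VERSION_STRING from version.h.
mbedtls_version() {   # $1 = version.h
    sed -n 's/^[[:space:]]*#define[[:space:]]*MBEDTLS_VERSION_STRING[[:space:]]*"\([0-9.]*\)".*/\1/p' "$1"
}

# 0 if x.y.z in $1 is at least MIN_MAJOR.MIN_MINOR.MIN_PATCH, 1 otherwise.
version_ok() {
    v="$1"; maj=${v%%.*}; rest=${v#*.}; min=${rest%%.*}; pat=${rest#*.}
    [ "$maj" -gt "$MIN_MAJOR" ] && return 0
    [ "$maj" -lt "$MIN_MAJOR" ] && return 1
    [ "$min" -gt "$MIN_MINOR" ] && return 0
    [ "$min" -lt "$MIN_MINOR" ] && return 1
    [ "$pat" -ge "$MIN_PATCH" ]
}

# 0 if any .c file passes OPTIONAL or NONE to mbedtls_ssl_conf_authmode().
# Upstream mbedTLS sets the peer-verification mode with this runtime call,
# so it is looked for in application sources rather than in config.h.
weak_authmode_used() {   # $1 = source tree
    hits=$(find "$1" -name '*.c' -exec grep -lE \
        'mbedtls_ssl_conf_authmode\(.*MBEDTLS_SSL_VERIFY_(OPTIONAL|NONE)' {} \; 2>/dev/null)
    [ -n "$hits" ]
}

# Audit one tree; prints findings and returns their count (0 = clean).
audit_tree() {   # $1 = tree root
    cfg="$1/include/mbedtls/config.h"; verh="$1/include/mbedtls/version.h"
    findings=0
    ver=$(mbedtls_version "$verh" 2>/dev/null)
    if [ -z "$ver" ] || ! version_ok "$ver"; then
        echo "FINDING: mbedTLS version '${ver:-unknown}' is below $MIN_MAJOR.$MIN_MINOR.$MIN_PATCH (2.7 LTS)"
        findings=$((findings + 1))
    fi
    if macro_enabled "$cfg" MBEDTLS_ECP_DP_SECP224K1_ENABLED; then
        echo "FINDING: MBEDTLS_ECP_DP_SECP224K1_ENABLED is on (advisory 2017-01 workaround: disable it)"
        findings=$((findings + 1))
    fi
    if macro_enabled "$cfg" MBEDTLS_SSL_TRUNCATED_HMAC; then
        echo "FINDING: MBEDTLS_SSL_TRUNCATED_HMAC is on (advisory 2018-01 applies when it is enabled)"
        findings=$((findings + 1))
    fi
    if weak_authmode_used "$1"; then
        echo "FINDING: mbedtls_ssl_conf_authmode() called with OPTIONAL/NONE (advisory 2017-02)"
        findings=$((findings + 1))
    fi
    return $findings
}

# Build a constructed sample tree: $1 dir, $2 version, $3/$4 on|off for
# SECP224K1 / TRUNCATED_HMAC, $5 authmode constant used by the app code.
make_sample_tree() {
    mkdir -p "$1/include/mbedtls" "$1/app"
    printf '#define MBEDTLS_VERSION_STRING "%s"\n' "$2" > "$1/include/mbedtls/version.h"
    {
        [ "$3" = on ] && echo '#define MBEDTLS_ECP_DP_SECP224K1_ENABLED' || echo '//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED'
        [ "$4" = on ] && echo '#define MBEDTLS_SSL_TRUNCATED_HMAC' || echo '//#define MBEDTLS_SSL_TRUNCATED_HMAC'
    } > "$1/include/mbedtls/config.h"
    printf 'mbedtls_ssl_conf_authmode(&conf, %s);\n' "$5" > "$1/app/tls_setup.c"
}

# Demo: a tree modelled on the thread's starting point (mbedTLS 2.4.0) next to
# one on 2.7.2 with the settings the thread recommends.
demo=$(mktemp -d)
make_sample_tree "$demo/old" 2.4.0 on off MBEDTLS_SSL_VERIFY_OPTIONAL
make_sample_tree "$demo/new" 2.7.2 off off MBEDTLS_SSL_VERIFY_REQUIRED
for t in old new; do
    n=0; audit_tree "$demo/$t" || n=$?
    echo "$t: $n finding(s)"
done
rm -rf "$demo"
```

Run it against a real checkout with `audit_tree /path/to/WICED/libraries/mbedtls` (path is an assumption; use wherever the SDK vendors the library). The exit status is the number of findings, so it drops into a build script as a release gate; a tree that passes still only tells you the configuration matches the thread's recommendations, not that the application uses the library correctly.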
                  • 6. Re: mbedTLS Security Advisory
                    grsr

                    Thank you for the update. I have forwarded your message to the software development team.