Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-82708

pkcs11-provider incorrect errors on optional empty attribute

Linking RHIVOS CVEs to...Migration: Automation ...Sync from "Extern...XMLWordPrintable

    • pkcs11-provider-1.0-2.el10_0
    • Yes
    • Important
    • 0day
    • 2
    • rhel-security-crypto
    • ssg_security
    • 1
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • Crypto25Q1, Crypto25Q2
    • Release Note Not Required
    • Unspecified
    • Unspecified
    • Unspecified
    • None

      We discovered a late bug that can trigger in specific cases that are valid by PKCS#11 spec but uncommon. We are triggering this with the latest kryoptic build as we made that return case more common there.

       

      These upstream commits make pkcs11-provider properly handle the case:

      https://github.com/latchset/pkcs11-provider/commit/577471d781d1ee0365f6739b1cfc1c9c566c893a

      https://github.com/latchset/pkcs11-provider/commit/02dc73fd441f9f87bd237a1fbd0a7cab9d948cbe

      https://github.com/latchset/pkcs11-provider/commit/cf6bcbb4edbe983691996f8fb126c6b143dc796d

       

              rhn-engineering-ssorce Simo Sorce
              rhn-engineering-ssorce Simo Sorce
              Jakub Jelen
              Simo Sorce Simo Sorce
              Ondrej Moris Ondrej Moris
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: