Is the ESP-IDF impacted by "BadAlloc" vulnerabilities?
If yes, do you have a fix for it?
https://searchsecurity.techtarget.com/n ... OT-devices
https://us-cert.cisa.gov/ics/advisories/icsa-21-119-04
Regarding BadAlloc – Memory allocation vulnerabilities
Re: Regarding BadAlloc – Memory allocation vulnerabilities
I think the impacted components in esp-idf are FreeRTOS and newlib.
For FreeRTOS, I can find upstream fixes merged to esp-idf.
CVE-2021-31571
https://github.com/FreeRTOS/FreeRTOS-Ke ... f81d7c4837
v4.3: 658a0acdbef252928054f6f7feb6bb01462864ae
CVE-2021-31572
https://github.com/FreeRTOS/FreeRTOS-Ke ... 34ae44db5b
v4.3: d30ec8c94e94625fd39518162df162c9cac95673
For newlib, I'm not sure if this is fixed in esp-idf or not.
CVE-2021-3420
https://nvd.nist.gov/vuln/detail/CVE-2021-3420
https://bugzilla.redhat.com/show_bug.cgi?id=1934088
Maybe it's not impacted because esp-idf uses the TLSF allocator?
Can someone from Espressif confirm this?
Re: Regarding BadAlloc – Memory allocation vulnerabilities
Thanks for waiting - I'm decently sure I remember we handled this, but I'll poke the security team to figure out the details.
EDIT: Seems we did fix these issues (although only some were applicable to our codebase); however, an advisory is still in the pipeline. Will post here as soon as it's released.
Re: Regarding BadAlloc – Memory allocation vulnerabilities
If it needs a longer time to release the official advisory, can you please confirm whether all fixes are already included in the current esp-idf tree?
If it takes time to fix the issues, that's fine.
But I want to know if the current esp-idf tree is OK or if additional fixes need to be merged.
Re: Regarding BadAlloc – Memory allocation vulnerabilities
It's fixed in master, 4.3, 4.2.2 and later (for the 4.2 branch), 4.1.2 (for the 4.1 branch), 4.0.3 (for the 4.0 branch); additionally it will be fixed in 3.3.6 (for the 3.3 branch).
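Added example, not part of the thread and not Espressif's code: a check that classifies an ESP-IDF version string (the `git describe` style value a build reports) against the fixed releases listed in the reply above. It assumes that "and later" applies to every listed branch and that release lines newer than 4.3 inherit the fix from master; builds that sit between releases are reported as unknown rather than guessed.

```python
import re

# Lowest fixed patch release per branch, as listed in the reply above.
# 3.3.6 is named there as a release that "will be" fixed.
FIXED_MIN_PATCH = {(4, 3): 0, (4, 2): 2, (4, 1): 2, (4, 0): 3, (3, 3): 6}

_VERSION = re.compile(r"^v?(\d+)\.(\d+)(?:\.(\d+))?(-.+)?$")
# `git describe` tail: commits on top of a release tag, optional dirty marker.
_AFTER_TAG = re.compile(r"^(-\d+-g[0-9a-f]+)?(-dirty)?$")


def badalloc_status(idf_ver: str) -> str:
    """Return 'fixed', 'unfixed' or 'unknown' for an ESP-IDF version string."""
    m = _VERSION.match(idf_ver.strip())
    if not m:
        return "unknown"
    branch = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    suffix = m.group(4)
    if suffix and not _AFTER_TAG.match(suffix):
        return "unknown"  # pre-release build such as -beta1, -rc or -dev
    if branch > max(FIXED_MIN_PATCH):
        return "fixed"  # assumption: later release lines inherit the master fix
    if branch not in FIXED_MIN_PATCH:
        return "unknown"  # branch is not mentioned in the thread
    if patch >= FIXED_MIN_PATCH[branch]:
        return "fixed"
    # Untagged commits past an older release may or may not carry the backport.
    return "unknown" if suffix else "unfixed"


if __name__ == "__main__":
    # Constructed sample version strings, not taken from the thread.
    for ver in ("v4.3", "v4.2.1", "v4.1.1-45-g0a1b2c3", "v4.3-beta1", "v3.3.5"):
        print(f"{ver:22} {badalloc_status(ver)}")
```

For an "unknown" result, check whether the FreeRTOS fix commits quoted earlier in the thread are present in the tree being built.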
Re: Regarding BadAlloc – Memory allocation vulnerabilities
Found the advisory, thanks.
https://www.espressif.com/sites/default ... lities.pdf