botan2: fix CVE-2026-32877 by backporting SM2 length check #2

Merged

sbelikov merged 2 commits from cve-botan2-CVE-2026-32877 into niceos-5.2

2026-05-26 01:08:48 +03:00

sbelikov commented

2026-05-26 00:45:57 +03:00

Owner

Backport the upstream Botan fix for CVE-2026-32877.

Add an explicit length check for the SM2 C3/authentication value before comparison.
Prevent malformed ciphertext from triggering a heap over-read during SM2 decryption.
Keep the change scoped to the library code path; no ABI change is intended.

Validation:

Rebuild botan2 from the updated spec.
Run the package test suite (botan-test).
Smoke-test valid and malformed SM2 decrypt inputs to confirm the fix and check for regressions.

Backport the upstream Botan fix for CVE-2026-32877. - Add an explicit length check for the SM2 C3/authentication value before comparison. - Prevent malformed ciphertext from triggering a heap over-read during SM2 decryption. - Keep the change scoped to the library code path; no ABI change is intended. Validation: - Rebuild botan2 from the updated spec. - Run the package test suite (`botan-test`). - Smoke-test valid and malformed SM2 decrypt inputs to confirm the fix and check for regressions.

sbelikov added 1 commit

2026-05-26 00:45:57 +03:00