[AutoPR- Security] Patch gnutls for CVE-2026-5260 [HIGH]

SPECS/gnutls/CVE-2026-5260.patch

@@ -0,0 +1,109 @@
+From 0c2466de2f0418316021d9bfade9f07536fe998a Mon Sep 17 00:00:00 2001
+From: Alexander Sosedkin <asosedkin@redhat.com>
+Date: Mon, 30 Mar 2026 17:31:07 +0200
+Subject: [PATCH 1/2] lib/auth/rsa: check that ciphertext matches the modulus
+ size
+
+A client sending extremely short premaster secret as part of an
+RSA key exchange could've theoretically triggered a short heap overread
+to nowhere when the RSA key was backed with a PKCS#11 token.
+With this fix, the internal decryption function will not be called
+with an mismatching plaintext length specified, avoiding the overread.
+
+Reported-by: Joshua Rogers of AISLE Research Team <joshua@joshua.hu>
+Fixes: #1814
+Fixes: CVE-2026-5260
+Fixes: GNUTLS-SA-2026-04-29-10
+CVSS: 5.9 Medium CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
+Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
+---
+ lib/auth/rsa.c     | 5 +++++
+ lib/auth/rsa_psk.c | 5 +++++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c
+index b5ecc09..24c1649 100644
+--- a/lib/auth/rsa.c
++++ b/lib/auth/rsa.c
+@@ -158,6 +158,7 @@ static int proc_rsa_client_kx(gnutls_session_t session, uint8_t *data,
+ 	int ret, dsize;
+ 	ssize_t data_size = _data_size;
+ 	volatile uint8_t ver_maj, ver_min;
++	unsigned int key_bits;
+
+ #ifdef ENABLE_SSL3
+ 	if (get_num_version(session) == GNUTLS_SSL3) {
+@@ -180,6 +181,10 @@ static int proc_rsa_client_kx(gnutls_session_t session, uint8_t *data,
+ 		}
+ 		ciphertext.size = dsize;
+ 	}
++	gnutls_privkey_get_pk_algorithm(session->internals.selected_key,
++					&key_bits);
++	if (ciphertext.size != (key_bits + 7) / 8)
++		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+ 	ver_maj = _gnutls_get_adv_version_major(session);
+ 	ver_min = _gnutls_get_adv_version_minor(session);
+diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c
+index 399fb4d..7a99d87 100644
+--- a/lib/auth/rsa_psk.c
++++ b/lib/auth/rsa_psk.c
+@@ -257,6 +257,7 @@ static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session,
+ 	ssize_t data_size = _data_size;
+ 	gnutls_psk_server_credentials_t cred;
+ 	volatile uint8_t ver_maj, ver_min;
++	unsigned int rsa_key_bits;
+
+ 	cred = (gnutls_psk_server_credentials_t)_gnutls_get_cred(
+ 		session, GNUTLS_CRD_PSK);
+@@ -313,6 +314,10 @@ static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session,
+ 		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
+ 	}
+ 	ciphertext.size = dsize;
++	gnutls_privkey_get_pk_algorithm(session->internals.selected_key,
++					&rsa_key_bits);
++	if (ciphertext.size != (rsa_key_bits + 7) / 8)
++		return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
+ 	ver_maj = _gnutls_get_adv_version_major(session);
+ 	ver_min = _gnutls_get_adv_version_minor(session);
+-- 
+2.45.4
+
+
+From a8c5bc3b2e6cf7de6c511b2e95f716ddf7935882 Mon Sep 17 00:00:00 2001
+From: Alexander Sosedkin <asosedkin@redhat.com>
+Date: Mon, 30 Mar 2026 17:46:40 +0200
+Subject: [PATCH 2/2] lib/pkcs11_privkey: guard against overreading on short
+ ciphertexts
+
+This is an alternative fix for the callee side.
+
+Reported-by: Joshua Rogers of AISLE Research Team <joshua@joshua.hu>
+Fixes: #1814
+Fixes: CVE-2026-5260
+Fixes: GNUTLS-SA-2026-04-29-10
+CVSS: 5.9 Medium CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
+Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
+Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
+Upstream-reference: https://gitlab.com/gnutls/gnutls/-/commit/77228f2d1ac207d2f894e5a168fbb47e5378e42f.patch https://gitlab.com/gnutls/gnutls/-/commit/cf6bdc5e4df49e5583d3fb4d2296779785f10683.patch
+---
+ lib/pkcs11_privkey.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
+index 5093a6d..369b034 100644
+--- a/lib/pkcs11_privkey.c
++++ b/lib/pkcs11_privkey.c
+@@ -826,7 +826,7 @@ int _gnutls_pkcs11_privkey_decrypt_data2(gnutls_pkcs11_privkey_t key,
+ 	if (ret != 0)
+ 		return gnutls_assert_val(GNUTLS_E_LOCKING_ERROR);
+
+-	buffer = gnutls_malloc(siglen);
++	buffer = gnutls_malloc(MAX((size_t)siglen, plaintext_size));
+ 	if (!buffer) {
+ 		gnutls_assert();
+ 		return GNUTLS_E_MEMORY_ERROR;
+-- 
+2.45.4
+

SPECS/gnutls/gnutls.spec

@@ -1,7 +1,7 @@
 Summary:        The GnuTLS Transport Layer Security Library
 Name:           gnutls
 Version:        3.8.3
-Release:        9%{?dist}
+Release:        10%{?dist}
 License:        GPLv3+ AND LGPLv2.1+
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
@@ -21,6 +21,7 @@ Patch8:         CVE-2025-6395.patch
 Patch9:         CVE-2025-13151.patch
 Patch10:        CVE-2025-9820.patch
 Patch11:        CVE-2026-33845.patch
+Patch12:        CVE-2026-5260.patch
 BuildRequires:  autogen-libopts-devel
 BuildRequires:  gc-devel
 BuildRequires:  libtasn1-devel
@@ -102,6 +103,9 @@ sed -i 's/TESTS += test-ciphers-openssl.sh//'  tests/slow/Makefile.am
 %{_mandir}/man3/*
 
 %changelog
+* Mon Jun 01 2026 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 3.8.3-10
+- Patch for CVE-2026-5260
+
 * Thu May 07 2026 Akarsh Chaudhary <v-akarshc@microsoft.com>- 3.8.3-9
 - Patch for CVE-2026-33845