From 858c7bc210a406cc7f891ac2aed78692d2e02937 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Thu, 4 Jan 2024 10:32:32 +0100
Subject: [PATCH] Add CHANGES.md and NEWS.md entries for CVE-2023-6129

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23200)
---
 CHANGES.md | 21 +++++++++++++++++++++
 NEWS.md    |  5 ++++-
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index 031c7101f8..43b02502d8 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -75,6 +75,26 @@ OpenSSL 3.2
 
 ### Changes between 3.2.0 and 3.2.1 [xx XXX xxxx]
 
+ * The POLY1305 MAC (message authentication code) implementation in OpenSSL
+   for PowerPC CPUs saves the contents of vector registers in different
+   order than they are restored. Thus the contents of some of these vector
+   registers is corrupted when returning to the caller. The vulnerable code is
+   used only on newer PowerPC processors supporting the PowerISA 2.07
+   instructions.
+
+   The consequences of this kind of internal application state corruption can
+   be various - from no consequences, if the calling application does not
+   depend on the contents of non-volatile XMM registers at all, to the worst
+   consequences, where the attacker could get complete control of the
+   application process. However unless the compiler uses the vector registers
+   for storing pointers, the most likely consequence, if any, would be an
+   incorrect result of some application dependent calculations or a crash
+   leading to a denial of service.
+
+   ([CVE-2023-6129])
+
+   *Rohan McLure*
+
  * Disable building QUIC server utility when OpenSSL is configured with
    `no-apps`.
 
@@ -20380,6 +20400,7 @@ ndif
 
 <!-- Links -->
 
+[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
 [CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807
diff --git a/NEWS.md b/NEWS.md
index 6f619a14de..a41353e1a6 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -31,7 +31,9 @@ OpenSSL 3.2
 
 ### Major changes between OpenSSL 3.2.0 and OpenSSL 3.2.1 [under development]
 
-  * none
+  * Fix POLY1305 MAC implementation corrupting vector registers on PowerPC
+    CPUs which support PowerISA 2.07
+    ([CVE-2023-6129])
 
 ### Major changes between OpenSSL 3.1 and OpenSSL 3.2.0 [23 Nov 2023]
 
@@ -1580,6 +1582,7 @@ OpenSSL 0.9.x
 
 <!-- Links -->
 
+[CVE-2023-6129]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-6129
 [CVE-2023-5678]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5678
 [CVE-2023-5363]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-5363
 [CVE-2023-4807]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-4807