Merge branch 'feature/vulnerabilities_doc_page' into 'master'

docs: add page to summarize the security vulnerabilities and advisories See merge request espressif/esp-idf!30883
2024-09-19 14:26:01 -04:00 · 2024-06-21 09:32:32 +08:00 · 2024-06-21 09:32:32 +08:00 · dc10f18286
commit dc10f18286
parent 67c10eafaa 2a4f227c5c
4 changed files with 177 additions and 0 deletions
--- a/docs/en/security/index.rst
+++ b/docs/en/security/index.rst
@ -26,3 +26,9 @@ Workflows

   host-based-security-workflows

+Vulnerabilities
+---------------
+.. toctree::
+   :maxdepth: 1
+
+   vulnerabilities
--- a/docs/en/security/vulnerabilities.rst
+++ b/docs/en/security/vulnerabilities.rst
@ -0,0 +1,164 @@
+Vulnerabilities
+===============
+
+This page briefly lists all of the vulnerabilities that are discovered and fixed in each release. Please note that for the on-going issues or the issues under embargo period, the information on this page may reflect once the desired resolution has been achieved.
+
+
+.. note::
+   Please refer to ``latest`` version of this documentation guide for up-to-date information.
+
+CVE-2024
+--------
+
+CVE-2024-28183
+~~~~~~~~~~~~~~
+
+Bootloader TOCTOU Vulnerability in Anti-rollback Scheme
+
+* Espressif Advisory: NA (Published on GitHub)
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+* Advisory pointer: `GHSA-22x6-3756-pfp8`_
+
+
+CVE-2023
+--------
+
+CVE-2023-35818
+~~~~~~~~~~~~~~
+
+Security Advisory Concerning Bypassing Secure Boot and Flash Encryption Using EMFI
+
+* Espressif Advisory: `AR2023-005`_
+* Impact: Applicable for ESP32 Chip Revision v3.0/v3.1
+* Resolution: Please see advisory for details
+
+
+CVE-2023-24023
+~~~~~~~~~~~~~~
+
+Security Advisory Concerning the Bluetooth BLUFFS Vulnerability
+
+* Espressif Advisory: `AR2023-010`_
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+
+CVE-2022
+--------
+
+CVE-2022-24893
+~~~~~~~~~~~~~~
+
+Espressif Bluetooth Mesh Stack Vulnerability
+
+* Espressif Advisory: NA (Published on GitHub)
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+* Advisory pointer: `GHSA-7f7f-jj2q-28wm`_
+
+
+CVE-2021
+--------
+
+CVE-2021-32020
+~~~~~~~~~~~~~~
+
+Insufficient bounds checking during management of heap memory in FreeRTOS
+
+* Impact: ESP-IDF uses its own heap allocator and hence not applicable
+* Resolution: NA
+
+CVE-2021-43997
+~~~~~~~~~~~~~~
+
+Privilege escalation issue in FreeRTOS ARMv7-M and ARMv8-M MPU ports
+
+* Impact: Not applicable for Espressif chips
+* Resolution: NA
+
+CVE-2021-3420
+~~~~~~~~~~~~~
+
+Security Advisory on "BadAlloc" Vulnerabilities
+
+* Espressif Advisory: `AR2021-005`_
+* Impact: Not applicable for ESP-IDF
+* Resolution: NA
+
+CVE-2021-31571
+~~~~~~~~~~~~~~
+
+Security Advisory on "BadAlloc" Vulnerabilities
+
+* Espressif Advisory: `AR2021-005`_
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+
+CVE-2021-31572
+~~~~~~~~~~~~~~
+
+Security Advisory on "BadAlloc" Vulnerabilities
+
+* Espressif Advisory: `AR2021-005`_
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+
+CVE-2021-28139
+~~~~~~~~~~~~~~
+
+Security Advisory for Bluetooth Vulnerability
+
+* Covers additional CVEs: CVE-2020-10135, CVE-2020-13595, CVE-2020-26555, CVE-2020-26556, CVE-2020-26557, CVE-2020-26558, CVE-2020-26559, CVE-2020-26560, CVE-2021-28135, CVE-2021-28136
+* Espressif Advisory: `AR2021-004`_
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+
+
+CVE-2020
+--------
+
+CVE-2020-22283
+~~~~~~~~~~~~~~
+
+Buffer overflow vulnerability in lwIP stack
+
+* Espressif Advisory: NA
+* Impact: Applicable for ESP-IDF
+* Resolution: Fix cherry-picked and available in ESP-IDF >= v4.4.1
+
+CVE-2020-22284
+~~~~~~~~~~~~~~
+
+Buffer overflow vulnerability in lwIP stack
+
+* Espressif Advisory: NA
+* Impact: Applicable for ESP-IDF
+* Resolution: Fix cherry-picked and available in ESP-IDF >= v4.4.1
+
+CVE-2020-26142
+~~~~~~~~~~~~~~
+
+Security Advisory for WLAN FragAttacks
+
+* Espressif Advisory: `AR2023-008`_
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+
+CVE-2020-12638
+~~~~~~~~~~~~~~
+
+Security Advisory Concerning Wi-Fi Authentication Bypass
+
+* Espressif Advisory: `AR2020-002`_
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+
+
+.. _`AR2020-002`: https://www.espressif.com/sites/default/files/advisory_downloads/AR2020-002%20Security%20Advisory%20Concerning%20Wi-Fi%20Authentication%20Bypass%20V1.1%20EN.pdf
+.. _`AR2021-004`: https://www.espressif.com/sites/default/files/advisory_downloads/AR2021-004%20Bluetooth%20Security%20Advisory.pdf
+.. _`AR2021-005`: https://www.espressif.com/sites/default/files/advisory_downloads/AR2021-005%20Security%20Advisory%20on%20BadAlloc%20Vulnerabilities.pdf
+.. _`AR2023-005`: https://www.espressif.com/sites/default/files/advisory_downloads/AR2023-005%20Security%20Advisory%20Concerning%20Bypassing%20Secure%20Boot%20and%20Flash%20Encryption%20Using%20EMFI%20EN.pdf
+.. _`AR2023-008`: https://www.espressif.com/sites/default/files/advisory_downloads/AR2023-008%20Security%20Advisory%20for%20WLAN%20FragAttacks%20v1.1%20EN_0.pdf
+.. _`AR2023-010`: https://www.espressif.com/sites/default/files/advisory_downloads/AR2023-010%20Security%20Advisory%20Concerning%20the%20Bluetooth%20BLUFFS%20Vulnerability%20EN.pdf
+.. _`GHSA-22x6-3756-pfp8` : https://github.com/espressif/esp-idf/security/advisories/GHSA-22x6-3756-pfp8
+.. _`GHSA-7f7f-jj2q-28wm` : https://github.com/espressif/esp-idf/security/advisories/GHSA-7f7f-jj2q-28wm
--- a/docs/zh_CN/security/index.rst
+++ b/docs/zh_CN/security/index.rst
@ -26,3 +26,9 @@

   host-based-security-workflows

+漏洞
+---------
+.. toctree::
+   :maxdepth: 1
+
+   vulnerabilities
--- a/docs/zh_CN/security/vulnerabilities.rst
+++ b/docs/zh_CN/security/vulnerabilities.rst
@ -0,0 +1 @@
+.. include:: ../../en/security/vulnerabilities.rst
				`@ -0,0 +1 @@`
				`.. include:: ../../en/security/vulnerabilities.rst`