1. CVE-Search
  2. CVE-2022-4450
ID CVE-2022-4450
Summary The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions PEM_read_bio() and PEM_read() are simple wrappers around PEM_read_bio_ex() and therefore these functions are also directly affected. These functions are also called indirectly by a number of other OpenSSL functions including PEM_X509_INFO_read_bio_ex() and SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL internal uses of these functions are not vulnerable because the caller does not free the header argument if PEM_read_bio_ex() returns a failure code. These locations include the PEM_read_bio_TYPE() functions as well as the decoders introduced in OpenSSL 3.0. The OpenSSL asn1parse command line application is also impacted by this issue.
References
Vulnerable Configurations
  • cpe:2.3:a:openssl:openssl:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:-:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha10:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha10:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha11:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha11:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha12:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha12:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha13:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha13:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha14:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha14:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha15:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha15:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha16:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha16:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha17:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha17:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha6:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha7:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha7:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha8:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha8:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:alpha9:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:alpha9:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:3.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:3.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:-:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre1:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre1:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre2:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre2:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre3:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre3:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre4:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre4:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre5:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre5:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre6:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre6:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre7:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre7:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre8:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre8:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1:pre9:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1:pre9:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1a:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1a:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1b:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1b:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1c:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1c:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1d:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1d:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1e:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1e:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1f:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1f:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1g:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1g:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1h:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1h:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1i:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1i:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1j:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1j:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1k:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1k:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1l:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1l:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1m:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1m:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1n:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1n:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1o:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1o:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1p:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1p:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1q:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1q:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1r:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1r:*:*:*:*:*:*:*
  • cpe:2.3:a:openssl:openssl:1.1.1s:*:*:*:*:*:*:*
    cpe:2.3:a:openssl:openssl:1.1.1s:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.3.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.3.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.3.14:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:stormshield:stormshield_network_security:4.3.15:*:*:*:*:*:*:*
    cpe:2.3:a:stormshield:stormshield_network_security:4.3.15:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-415
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 04-02-2024 - 09:15
Published 08-02-2023 - 20:15
Last modified 04-02-2024 - 09:15
Back to Top