Action not permitted
Modal body text goes here.
Modal Title
Modal Body
alsa-2023:3722
Vulnerability from osv_almalinux
Published
2023-06-21 00:00
Modified
2023-06-23 14:32
Summary
Moderate: openssl security and bug fix update
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)
- openssl: Denial of service by excessive resource usage in verifying X509 policy constraints (CVE-2023-0464)
- openssl: Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465)
- openssl: Certificate policy check not enabled (CVE-2023-0466)
- openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM (CVE-2023-1255)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- In FIPS mode, openssl KDFs should only allow selected hash algorithms (BZ#2175860)
- In FIPS mode, openssl should reject short KDF input or output keys or provide an indicator (BZ#2175864)
- In FIPS mode, openssl should provide an indicator for AES-GCM to query whether the IV was generated internally or provided externally (BZ#2175868)
- openssl FIPS mode self-test should zeroize
outinverify_integrityin providers/fips/self_test.c (BZ#2175873) - In FIPS mode, openssl should not support RSA encryption or decryption without padding (outside of RSASVE) or provide an indicator (BZ#2178029)
- In FIPS mode, openssl should reject EVP_PKEY_fromdata() for short DHX keys, or provide an indicator (BZ#2178030)
- In FIPS mode, openssl should not use the legacy ECDSA_do_sign(), RSA_public_encrypt(), RSA_private_decrypt() functions for pairwise consistency tests (BZ#2178034)
- In FIPS mode, openssl should enter error state when DH PCT fails (BZ#2178039)
- In FIPS mode, openssl should always run the PBKDF2 lower bounds checks or provide an indicator when the pkcs5 parameter is set to 1 (BZ#2178137)
- Support requiring EMS in TLS 1.2, default to it when in FIPS mode (BZ#2188046)
- OpenSSL rsa_verify_recover doesn't use the same key checks as rsa_verify in FIPS mode (BZ#2188052)
- AlmaLinux9.0 - sshd dumps core when ibmca engine is configured with default_algorithms = CIPHERS or ALL (openssl) (BZ#2211396)
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.0.7-16.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.0.7-16.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.0.7-16.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "openssl-perl"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:3.0.7-16.el9_2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nSecurity Fix(es):\n\n* openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)\n* openssl: Denial of service by excessive resource usage in verifying X509 policy constraints (CVE-2023-0464)\n* openssl: Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465)\n* openssl: Certificate policy check not enabled (CVE-2023-0466)\n* openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM (CVE-2023-1255)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* In FIPS mode, openssl KDFs should only allow selected hash algorithms (BZ#2175860)\n* In FIPS mode, openssl should reject short KDF input or output keys or provide an indicator (BZ#2175864)\n* In FIPS mode, openssl should provide an indicator for AES-GCM to query whether the IV was generated internally or provided externally (BZ#2175868)\n* openssl FIPS mode self-test should zeroize `out` in `verify_integrity` in providers/fips/self_test.c (BZ#2175873)\n* In FIPS mode, openssl should not support RSA encryption or decryption without padding (outside of RSASVE) or provide an indicator (BZ#2178029)\n* In FIPS mode, openssl should reject EVP_PKEY_fromdata() for short DHX keys, or provide an indicator (BZ#2178030)\n* In FIPS mode, openssl should not use the legacy ECDSA_do_sign(), RSA_public_encrypt(), RSA_private_decrypt() functions for pairwise consistency tests (BZ#2178034)\n* In FIPS mode, openssl should enter error state when DH PCT fails (BZ#2178039)\n* In FIPS mode, openssl should always run the PBKDF2 lower bounds checks or provide an indicator when the pkcs5 parameter is set to 1 (BZ#2178137)\n* Support requiring EMS in TLS 1.2, default to it when in FIPS mode (BZ#2188046)\n* OpenSSL rsa_verify_recover doesn\u0027t use the same key checks as rsa_verify in FIPS mode (BZ#2188052)\n* AlmaLinux9.0 - sshd dumps core when ibmca engine is configured with default_algorithms = CIPHERS or ALL (openssl) (BZ#2211396)",
"id": "ALSA-2023:3722",
"modified": "2023-06-23T14:32:27Z",
"published": "2023-06-21T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:3722"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0464"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0465"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-0466"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-1255"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-2650"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2181082"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2182561"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2182565"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2188461"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2207947"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2023-3722.html"
}
],
"related": [
"CVE-2023-2650",
"CVE-2023-0464",
"CVE-2023-0465",
"CVE-2023-0466",
"CVE-2023-1255"
],
"summary": "Moderate: openssl security and bug fix update"
}
CVE-2023-1255 (GCVE-0-2023-1255)
Vulnerability from cvelistv5 – Published: 2023-04-20 16:14 – Updated: 2025-02-13 16:39
VLAI?
EPSS
Title
Input buffer over-read in AES-XTS implementation on 64 bit ARM
Summary
Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM
platform contains a bug that could cause it to read past the input buffer,
leading to a crash.
Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM
platform can crash in rare circumstances. The AES-XTS algorithm is usually
used for disk encryption.
The AES-XTS cipher decryption implementation for 64 bit ARM platform will read
past the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16
byte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext
buffer is unmapped, this will trigger a crash which results in a denial of
service.
If an attacker can control the size and location of the ciphertext buffer
being decrypted by an application using AES-XTS on 64 bit ARM, the
application is affected. This is fairly unlikely making this issue
a Low severity one.
Severity ?
No CVSS data available.
CWE
- buffer over-read
Assigner
References
Impacted products
Date Public ?
2023-03-21 00:00
Credits
Anton Romanov (Amazon)
Nevine Ebeid (Amazon)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:40:59.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20230419.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230908-0006/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-1255",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T21:14:55.272222Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T21:16:24.506Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThan": "3.0.9",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Anton Romanov (Amazon)"
},
{
"lang": "en",
"type": "remediation developer",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nevine Ebeid (Amazon)"
}
],
"datePublic": "2023-03-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\u003cbr\u003eplatform contains a bug that could cause it to read past the input buffer,\u003cbr\u003eleading to a crash.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\u003cbr\u003eplatform can crash in rare circumstances. The AES-XTS algorithm is usually\u003cbr\u003eused for disk encryption.\u003cbr\u003e\u003cbr\u003eThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\u003cbr\u003epast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\u003cbr\u003ebyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\u003cbr\u003ebuffer is unmapped, this will trigger a crash which results in a denial of\u003cbr\u003eservice.\u003cbr\u003e\u003cbr\u003eIf an attacker can control the size and location of the ciphertext buffer\u003cbr\u003ebeing decrypted by an application using AES-XTS on 64 bit ARM, the\u003cbr\u003eapplication is affected. This is fairly unlikely making this issue\u003cbr\u003ea Low severity one."
}
],
"value": "Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM\nplatform contains a bug that could cause it to read past the input buffer,\nleading to a crash.\n\nImpact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM\nplatform can crash in rare circumstances. The AES-XTS algorithm is usually\nused for disk encryption.\n\nThe AES-XTS cipher decryption implementation for 64 bit ARM platform will read\npast the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16\nbyte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext\nbuffer is unmapped, this will trigger a crash which results in a denial of\nservice.\n\nIf an attacker can control the size and location of the ciphertext buffer\nbeing decrypted by an application using AES-XTS on 64 bit ARM, the\napplication is affected. This is fairly unlikely making this issue\na Low severity one."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Low"
},
"type": "https://www.openssl.org/policies/secpolicy.html"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer over-read",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-08T16:06:36.509Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.openssl.org/news/secadv/20230419.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=bc2f61ad70971869b242fc1cb445b98bad50074a"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=02ac9c9420275868472f33b01def01218742b8bb"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230908-0006/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Input buffer over-read in AES-XTS implementation on 64 bit ARM",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2023-1255",
"datePublished": "2023-04-20T16:14:54.707Z",
"dateReserved": "2023-03-07T14:56:07.099Z",
"dateUpdated": "2025-02-13T16:39:19.031Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0464 (GCVE-0-2023-0464)
Vulnerability from cvelistv5 – Published: 2023-03-22 16:36 – Updated: 2025-05-05 16:08
VLAI?
EPSS
Title
Excessive Resource Usage Verifying X.509 Policy Constraints
Summary
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints. Attackers may be able to exploit this
vulnerability by creating a malicious certificate chain that triggers
exponential use of computational resources, leading to a denial-of-service
(DoS) attack on affected systems.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
Severity ?
No CVSS data available.
CWE
- inefficient algorithmic complexity
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
Date Public ?
2023-03-21 00:00
Credits
David Benjamin (Google)
Dr Paul Dale
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:10:56.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230406-0006/"
},
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20230322.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.couchbase.com/alerts/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-0464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:26:32.875761Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:08:48.783Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThan": "3.0.9",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1u",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zh",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David Benjamin (Google)"
},
{
"lang": "en",
"type": "remediation developer",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dr Paul Dale"
}
],
"datePublic": "2023-03-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A security vulnerability has been identified in all supported versions\u003cbr\u003e\u003cbr\u003eof OpenSSL related to the verification of X.509 certificate chains\u003cbr\u003ethat include policy constraints. Attackers may be able to exploit this\u003cbr\u003evulnerability by creating a malicious certificate chain that triggers\u003cbr\u003eexponential use of computational resources, leading to a denial-of-service\u003cbr\u003e(DoS) attack on affected systems.\u003cbr\u003e\u003cbr\u003ePolicy processing is disabled by default but can be enabled by passing\u003cbr\u003ethe `-policy\u0027 argument to the command line utilities or by calling the\u003cbr\u003e`X509_VERIFY_PARAM_set1_policies()\u0027 function."
}
],
"value": "A security vulnerability has been identified in all supported versions\n\nof OpenSSL related to the verification of X.509 certificate chains\nthat include policy constraints. Attackers may be able to exploit this\nvulnerability by creating a malicious certificate chain that triggers\nexponential use of computational resources, leading to a denial-of-service\n(DoS) attack on affected systems.\n\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy\u0027 argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()\u0027 function."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Low"
},
"type": "https://www.openssl.org/policies/secpolicy.html"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "inefficient algorithmic complexity",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-21T19:07:07.428Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.openssl.org/news/secadv/20230322.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2017771e2db3e2b96f89bbe8766c3209f6a99545"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=959c59c7a0164117e7f8366466a32bb1f8d77ff1"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2dcd4f1e3115f38cefa43e3efbe9b801c27e642e"
},
{
"url": "https://www.couchbase.com/alerts/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"url": "https://security.gentoo.org/glsa/202402-08"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Excessive Resource Usage Verifying X.509 Policy Constraints",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2023-0464",
"datePublished": "2023-03-22T16:36:47.383Z",
"dateReserved": "2023-01-24T13:50:25.835Z",
"dateUpdated": "2025-05-05T16:08:48.783Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2650 (GCVE-0-2023-2650)
Vulnerability from cvelistv5 – Published: 2023-05-30 13:40 – Updated: 2025-03-19 15:25
VLAI?
EPSS
Title
Possible DoS translating ASN.1 object identifiers
Summary
Issue summary: Processing some specially crafted ASN.1 object identifiers or
data containing them may be very slow.
Impact summary: Applications that use OBJ_obj2txt() directly, or use any of
the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message
size limit may experience notable to very long delays when processing those
messages, which may lead to a Denial of Service.
An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -
most of which have no size limit. OBJ_obj2txt() may be used to translate
an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL
type ASN1_OBJECT) to its canonical numeric text form, which are the
sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by
periods.
When one of the sub-identifiers in the OBJECT IDENTIFIER is very large
(these are sizes that are seen as absurdly large, taking up tens or hundreds
of KiBs), the translation to a decimal number in text may take a very long
time. The time complexity is O(n^2) with 'n' being the size of the
sub-identifiers in bytes (*).
With OpenSSL 3.0, support to fetch cryptographic algorithms using names /
identifiers in string form was introduced. This includes using OBJECT
IDENTIFIERs in canonical numeric text form as identifiers for fetching
algorithms.
Such OBJECT IDENTIFIERs may be received through the ASN.1 structure
AlgorithmIdentifier, which is commonly used in multiple protocols to specify
what cryptographic algorithm should be used to sign or verify, encrypt or
decrypt, or digest passed data.
Applications that call OBJ_obj2txt() directly with untrusted data are
affected, with any version of OpenSSL. If the use is for the mere purpose
of display, the severity is considered low.
In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,
CMS, CMP/CRMF or TS. It also impacts anything that processes X.509
certificates, including simple things like verifying its signature.
The impact on TLS is relatively low, because all versions of OpenSSL have a
100KiB limit on the peer's certificate chain. Additionally, this only
impacts clients, or servers that have explicitly enabled client
authentication.
In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,
such as X.509 certificates. This is assumed to not happen in such a way
that it would cause a Denial of Service, so these versions are considered
not affected by this issue in such a way that it would be cause for concern,
and the severity is therefore considered low.
Severity ?
No CVSS data available.
CWE
- inefficient algorithmic complexity
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
Impacted products
Date Public ?
2023-05-30 00:00
Credits
OSSFuzz
Matt Caswell
Richard Levitte
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:26:09.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20230530.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/05/30/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230703-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-08"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-2650",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T15:55:48.363375Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T15:25:32.613Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "3.1.1",
"versionType": "semver"
},
{
"lessThan": "3.0.9",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1u",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zh",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "OSSFuzz"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matt Caswell"
},
{
"lang": "en",
"type": "remediation developer",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Richard Levitte"
}
],
"datePublic": "2023-05-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\u003cbr\u003edata containing them may be very slow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\u003cbr\u003ethe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\u003cbr\u003esize limit may experience notable to very long delays when processing those\u003cbr\u003emessages, which may lead to a Denial of Service.\u003cbr\u003e\u003cbr\u003eAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\u003cbr\u003emost of which have no size limit. OBJ_obj2txt() may be used to translate\u003cbr\u003ean ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\u003cbr\u003etype ASN1_OBJECT) to its canonical numeric text form, which are the\u003cbr\u003esub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\u003cbr\u003eperiods.\u003cbr\u003e\u003cbr\u003eWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\u003cbr\u003e(these are sizes that are seen as absurdly large, taking up tens or hundreds\u003cbr\u003eof KiBs), the translation to a decimal number in text may take a very long\u003cbr\u003etime. The time complexity is O(n^2) with \u0027n\u0027 being the size of the\u003cbr\u003esub-identifiers in bytes (*).\u003cbr\u003e\u003cbr\u003eWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\u003cbr\u003eidentifiers in string form was introduced. This includes using OBJECT\u003cbr\u003eIDENTIFIERs in canonical numeric text form as identifiers for fetching\u003cbr\u003ealgorithms.\u003cbr\u003e\u003cbr\u003eSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\u003cbr\u003eAlgorithmIdentifier, which is commonly used in multiple protocols to specify\u003cbr\u003ewhat cryptographic algorithm should be used to sign or verify, encrypt or\u003cbr\u003edecrypt, or digest passed data.\u003cbr\u003e\u003cbr\u003eApplications that call OBJ_obj2txt() directly with untrusted data are\u003cbr\u003eaffected, with any version of OpenSSL. If the use is for the mere purpose\u003cbr\u003eof display, the severity is considered low.\u003cbr\u003e\u003cbr\u003eIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\u003cbr\u003eCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\u003cbr\u003ecertificates, including simple things like verifying its signature.\u003cbr\u003e\u003cbr\u003eThe impact on TLS is relatively low, because all versions of OpenSSL have a\u003cbr\u003e100KiB limit on the peer\u0027s certificate chain. Additionally, this only\u003cbr\u003eimpacts clients, or servers that have explicitly enabled client\u003cbr\u003eauthentication.\u003cbr\u003e\u003cbr\u003eIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\u003cbr\u003esuch as X.509 certificates. This is assumed to not happen in such a way\u003cbr\u003ethat it would cause a Denial of Service, so these versions are considered\u003cbr\u003enot affected by this issue in such a way that it would be cause for concern,\u003cbr\u003eand the severity is therefore considered low."
}
],
"value": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit. OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime. The time complexity is O(n^2) with \u0027n\u0027 being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced. This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL. If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS. It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer\u0027s certificate chain. Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates. This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Moderate"
},
"type": "https://www.openssl.org/policies/general/security-policy.html"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "inefficient algorithmic complexity",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-04T09:06:37.503Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.openssl.org/news/secadv/20230530.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/30/1"
},
{
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230703-0001/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0009/"
},
{
"url": "https://security.gentoo.org/glsa/202402-08"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Possible DoS translating ASN.1 object identifiers",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2023-2650",
"datePublished": "2023-05-30T13:40:11.963Z",
"dateReserved": "2023-05-11T06:09:26.543Z",
"dateUpdated": "2025-03-19T15:25:32.613Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0466 (GCVE-0-2023-0466)
Vulnerability from cvelistv5 – Published: 2023-03-28 14:30 – Updated: 2025-02-19 17:12
VLAI?
EPSS
Title
Certificate policy check not enabled
Summary
The function X509_VERIFY_PARAM_add0_policy() is documented to
implicitly enable the certificate policy check when doing certificate
verification. However the implementation of the function does not
enable the check which allows certificates with invalid or incorrect
policies to pass the certificate verification.
As suddenly enabling the policy check could break existing deployments it was
decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()
function.
Instead the applications that require OpenSSL to perform certificate
policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly
enable the policy check by calling X509_VERIFY_PARAM_set_flags() with
the X509_V_FLAG_POLICY_CHECK flag argument.
Certificate policy checks are disabled by default in OpenSSL and are not
commonly used by applications.
Severity ?
No CVSS data available.
CWE
- improper certificate validation
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
Date Public ?
2023-03-21 00:00
Credits
David Benjamin (Google)
Tomas Mraz
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:10:56.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20230328.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230414-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-08"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-0466",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T17:11:17.280968Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T17:12:25.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThan": "3.0.9",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1u",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zh",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David Benjamin (Google)"
},
{
"lang": "en",
"type": "remediation developer",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tomas Mraz"
}
],
"datePublic": "2023-03-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does notenable the check which allows certificates with invalid or incorrect policies to pass the certificate verification.\u003cbr\u003eAs suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function.\u003cbr\u003eInstead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument.\u003cbr\u003eCertificate policy checks are disabled by default in OpenSSL and are not commonly used by applications."
}
],
"value": "The function X509_VERIFY_PARAM_add0_policy() is documented to\nimplicitly enable the certificate policy check when doing certificate\nverification. However the implementation of the function does not\nenable the check which allows certificates with invalid or incorrect\npolicies to pass the certificate verification.\n\nAs suddenly enabling the policy check could break existing deployments it was\ndecided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy()\nfunction.\n\nInstead the applications that require OpenSSL to perform certificate\npolicy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly\nenable the policy check by calling X509_VERIFY_PARAM_set_flags() with\nthe X509_V_FLAG_POLICY_CHECK flag argument.\n\nCertificate policy checks are disabled by default in OpenSSL and are not\ncommonly used by applications."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Low"
},
"type": "https://www.openssl.org/policies/secpolicy.html"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "improper certificate validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-04T09:06:28.377Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.openssl.org/news/secadv/20230328.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230414-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/4"
},
{
"url": "https://security.gentoo.org/glsa/202402-08"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Certificate policy check not enabled",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2023-0466",
"datePublished": "2023-03-28T14:30:49.595Z",
"dateReserved": "2023-01-24T13:52:42.631Z",
"dateUpdated": "2025-02-19T17:12:25.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-0465 (GCVE-0-2023-0465)
Vulnerability from cvelistv5 – Published: 2023-03-28 14:30 – Updated: 2025-02-18 20:12
VLAI?
EPSS
Title
Invalid certificate policies in leaf certificates are silently ignored
Summary
Applications that use a non-default option when verifying certificates may be
vulnerable to an attack from a malicious CA to circumvent certain checks.
Invalid certificate policies in leaf certificates are silently ignored by
OpenSSL and other certificate policy checks are skipped for that certificate.
A malicious CA could use this to deliberately assert invalid certificate policies
in order to circumvent policy checking on the certificate altogether.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
Severity ?
No CVSS data available.
CWE
- improper certificate validation
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
Date Public ?
2023-03-23 00:00
Credits
David Benjamin (Google)
Matt Caswell
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:10:56.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.openssl.org/news/secadv/20230328.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch",
"x_transferred"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230414-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202402-08"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-0465",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T20:12:09.117445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T20:12:50.266Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSSL",
"vendor": "OpenSSL",
"versions": [
{
"lessThan": "3.1.1",
"status": "affected",
"version": "3.1.0",
"versionType": "semver"
},
{
"lessThan": "3.0.9",
"status": "affected",
"version": "3.0.0",
"versionType": "semver"
},
{
"lessThan": "1.1.1u",
"status": "affected",
"version": "1.1.1",
"versionType": "custom"
},
{
"lessThan": "1.0.2zh",
"status": "affected",
"version": "1.0.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "David Benjamin (Google)"
},
{
"lang": "en",
"type": "remediation developer",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Matt Caswell"
}
],
"datePublic": "2023-03-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Applications that use a non-default option when verifying certificates may be\u003cbr\u003evulnerable to an attack from a malicious CA to circumvent certain checks.\u003cbr\u003e\u003cbr\u003eInvalid certificate policies in leaf certificates are silently ignored by\u003cbr\u003eOpenSSL and other certificate policy checks are skipped for that certificate.\u003cbr\u003eA malicious CA could use this to deliberately assert invalid certificate policies\u003cbr\u003ein order to circumvent policy checking on the certificate altogether.\u003cbr\u003e\u003cbr\u003ePolicy processing is disabled by default but can be enabled by passing\u003cbr\u003ethe `-policy\u0027 argument to the command line utilities or by calling the\u003cbr\u003e`X509_VERIFY_PARAM_set1_policies()\u0027 function."
}
],
"value": "Applications that use a non-default option when verifying certificates may be\nvulnerable to an attack from a malicious CA to circumvent certain checks.\n\nInvalid certificate policies in leaf certificates are silently ignored by\nOpenSSL and other certificate policy checks are skipped for that certificate.\nA malicious CA could use this to deliberately assert invalid certificate policies\nin order to circumvent policy checking on the certificate altogether.\n\nPolicy processing is disabled by default but can be enabled by passing\nthe `-policy\u0027 argument to the command line utilities or by calling the\n`X509_VERIFY_PARAM_set1_policies()\u0027 function."
}
],
"metrics": [
{
"format": "other",
"other": {
"content": {
"text": "Low"
},
"type": "https://www.openssl.org/policies/secpolicy.html"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "improper certificate validation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-04T09:06:54.698Z",
"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"shortName": "openssl"
},
"references": [
{
"name": "OpenSSL Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.openssl.org/news/secadv/20230328.txt"
},
{
"name": "3.1.1 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c"
},
{
"name": "3.0.9 git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb"
},
{
"name": "1.1.1u git commit",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95"
},
{
"name": "1.0.2zh patch (premium)",
"tags": [
"patch"
],
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230414-0001/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5417"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
},
{
"url": "https://security.gentoo.org/glsa/202402-08"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Invalid certificate policies in leaf certificates are silently ignored",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
"assignerShortName": "openssl",
"cveId": "CVE-2023-0465",
"datePublished": "2023-03-28T14:30:39.707Z",
"dateReserved": "2023-01-24T13:51:42.650Z",
"dateUpdated": "2025-02-18T20:12:50.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…