cve-2024-4603
Vulnerability from cvelistv5
Published
2024-05-16 15:21
Modified
2024-10-14 14:56
Severity ?
Summary
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
References
openssl-security@openssl.orghttps://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397
openssl-security@openssl.orghttps://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e
openssl-security@openssl.orghttps://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d
openssl-security@openssl.orghttps://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740
openssl-security@openssl.orghttps://www.openssl.org/news/secadv/20240516.txt
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/05/16/2
af854a3a-2127-422b-91ae-364da2661108https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397
af854a3a-2127-422b-91ae-364da2661108https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e
af854a3a-2127-422b-91ae-364da2661108https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d
af854a3a-2127-422b-91ae-364da2661108https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20240621-0001/
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv/20240516.txt
Impacted products
Vendor Product Version
OpenSSL OpenSSL Version: 3.0.0   
Version: 3.1.0   
Version: 3.2.0   
Version: 3.3.0   
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:47:41.528Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "OpenSSL Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20240516.txt"
          },
          {
            "name": "3.0.14 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397"
          },
          {
            "name": "3.1.6 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d"
          },
          {
            "name": "3.2.2 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740"
          },
          {
            "name": "3.3.1 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/05/16/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0001/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "openssl",
            "vendor": "openssl",
            "versions": [
              {
                "lessThan": "3.0.14",
                "status": "affected",
                "version": "3.0.0",
                "versionType": "semver"
              },
              {
                "lessThan": "3.1.6",
                "status": "affected",
                "version": "3.1.0",
                "versionType": "semver"
              },
              {
                "lessThan": "3.2.2",
                "status": "affected",
                "version": "3.2.0",
                "versionType": "semver"
              },
              {
                "lessThan": "3.3.1",
                "status": "affected",
                "version": "3.3.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-4603",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-16T18:27:25.638098Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-834",
                "description": "CWE-834 Excessive Iteration",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T15:11:57.009Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.0.14",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.1.6",
              "status": "affected",
              "version": "3.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.2.2",
              "status": "affected",
              "version": "3.2.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.3.1",
              "status": "affected",
              "version": "3.3.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "OSS-Fuzz"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Tomas Mraz"
        }
      ],
      "datePublic": "2024-05-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: Checking excessively long DSA keys or parameters may be very\u003cbr\u003eslow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use the functions EVP_PKEY_param_check()\u003cbr\u003eor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\u003cbr\u003eexperience long delays. Where the key or parameters that are being checked\u003cbr\u003ehave been obtained from an untrusted source this may lead to a Denial of\u003cbr\u003eService.\u003cbr\u003e\u003cbr\u003eThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\u003cbr\u003evarious checks on DSA parameters. Some of those computations take a long time\u003cbr\u003eif the modulus (`p` parameter) is too large.\u003cbr\u003e\u003cbr\u003eTrying to use a very large modulus is slow and OpenSSL will not allow using\u003cbr\u003epublic keys with a modulus which is over 10,000 bits in length for signature\u003cbr\u003everification. However the key and parameter check functions do not limit\u003cbr\u003ethe modulus size when performing the checks.\u003cbr\u003e\u003cbr\u003eAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\u003cbr\u003eand supplies a key or parameters obtained from an untrusted source could be\u003cbr\u003evulnerable to a Denial of Service attack.\u003cbr\u003e\u003cbr\u003eThese functions are not called by OpenSSL itself on untrusted DSA keys so\u003cbr\u003eonly applications that directly call these functions may be vulnerable.\u003cbr\u003e\u003cbr\u003eAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\u003cbr\u003ewhen using the `-check` option.\u003cbr\u003e\u003cbr\u003eThe OpenSSL SSL/TLS implementation is not affected by this issue.\u003cbr\u003e\u003cbr\u003eThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue."
            }
          ],
          "value": "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://www.openssl.org/policies/secpolicy.html"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-606",
              "description": "CWE-606 Unchecked Input for Loop Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-14T14:56:01.784Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.openssl.org/news/secadv/20240516.txt"
        },
        {
          "name": "3.0.14 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397"
        },
        {
          "name": "3.1.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d"
        },
        {
          "name": "3.2.2 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740"
        },
        {
          "name": "3.3.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Excessive time spent checking DSA keys and parameters",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2024-4603",
    "datePublished": "2024-05-16T15:21:20.050Z",
    "dateReserved": "2024-05-07T11:44:02.196Z",
    "dateUpdated": "2024-10-14T14:56:01.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-4603\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2024-05-16T16:15:10.643\",\"lastModified\":\"2024-11-21T09:43:11.753\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Checking excessively long DSA keys or parameters may be very\\nslow.\\n\\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\\nexperience long delays. Where the key or parameters that are being checked\\nhave been obtained from an untrusted source this may lead to a Denial of\\nService.\\n\\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\\nvarious checks on DSA parameters. Some of those computations take a long time\\nif the modulus (`p` parameter) is too large.\\n\\nTrying to use a very large modulus is slow and OpenSSL will not allow using\\npublic keys with a modulus which is over 10,000 bits in length for signature\\nverification. However the key and parameter check functions do not limit\\nthe modulus size when performing the checks.\\n\\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\\nand supplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\\nonly applications that directly call these functions may be vulnerable.\\n\\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\\nwhen using the `-check` option.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: la comprobaci\u00f3n de claves o par\u00e1metros DSA excesivamente largos puede resultar muy lenta. Resumen de impacto: las aplicaciones que utilizan las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() para comprobar una clave p\u00fablica de DSA o par\u00e1metros de DSA pueden experimentar grandes retrasos. Cuando la clave o los par\u00e1metros que se est\u00e1n verificando se obtuvieron de una fuente que no es confiable, esto puede dar lugar a una Denegaci\u00f3n de Servicio. Las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() realizan varias comprobaciones de los par\u00e1metros DSA. Algunos de esos c\u00e1lculos toman mucho tiempo si el m\u00f3dulo (par\u00e1metro `p`) es demasiado grande. Intentar utilizar un m\u00f3dulo muy grande es lento y OpenSSL no permitir\u00e1 el uso de claves p\u00fablicas con un m\u00f3dulo de m\u00e1s de 10.000 bits de longitud para la verificaci\u00f3n de firmas. Sin embargo, las funciones de verificaci\u00f3n de claves y par\u00e1metros no limitan el tama\u00f1o del m\u00f3dulo al realizar las verificaciones. Una aplicaci\u00f3n que llama a EVP_PKEY_param_check() o EVP_PKEY_public_check() y proporciona una clave o par\u00e1metros obtenidos de una fuente que no es de confianza podr\u00eda ser vulnerable a un ataque de denegaci\u00f3n de servicio. OpenSSL no llama a estas funciones en claves DSA que no son de confianza, por lo que solo las aplicaciones que llaman directamente a estas funciones pueden ser vulnerables. Tambi\u00e9n son vulnerables las aplicaciones de l\u00ednea de comandos OpenSSL pkey y pkeyparam cuando se usa la opci\u00f3n `-check`. La implementaci\u00f3n de OpenSSL SSL/TLS no se ve afectada por este problema. Los proveedores FIPS OpenSSL 3.0 y 3.1 se ven afectados por este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-606\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-834\"}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.openssl.org/news/secadv/20240516.txt\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/05/16/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv/20240516.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"name\": \"3.0.14 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"name\": \"3.1.6 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"name\": \"3.2.2 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"name\": \"3.3.1 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/16/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0001/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:47:41.528Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-4603\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-16T18:27:25.638098Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\"], \"vendor\": \"openssl\", \"product\": \"openssl\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.14\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-834\", \"description\": \"CWE-834 Excessive Iteration\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-16T18:23:43.403Z\"}}], \"cna\": {\"title\": \"Excessive time spent checking DSA keys and parameters\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"OSS-Fuzz\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Tomas Mraz\"}], \"metrics\": [{\"other\": {\"type\": \"https://www.openssl.org/policies/secpolicy.html\", \"content\": {\"text\": \"Low\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.14\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-05-16T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"name\": \"3.0.14 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"name\": \"3.1.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"name\": \"3.2.2 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"name\": \"3.3.1 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: Checking excessively long DSA keys or parameters may be very\\nslow.\\n\\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\\nexperience long delays. Where the key or parameters that are being checked\\nhave been obtained from an untrusted source this may lead to a Denial of\\nService.\\n\\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\\nvarious checks on DSA parameters. Some of those computations take a long time\\nif the modulus (`p` parameter) is too large.\\n\\nTrying to use a very large modulus is slow and OpenSSL will not allow using\\npublic keys with a modulus which is over 10,000 bits in length for signature\\nverification. However the key and parameter check functions do not limit\\nthe modulus size when performing the checks.\\n\\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\\nand supplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\\nonly applications that directly call these functions may be vulnerable.\\n\\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\\nwhen using the `-check` option.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: Checking excessively long DSA keys or parameters may be very\u003cbr\u003eslow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use the functions EVP_PKEY_param_check()\u003cbr\u003eor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\u003cbr\u003eexperience long delays. Where the key or parameters that are being checked\u003cbr\u003ehave been obtained from an untrusted source this may lead to a Denial of\u003cbr\u003eService.\u003cbr\u003e\u003cbr\u003eThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\u003cbr\u003evarious checks on DSA parameters. Some of those computations take a long time\u003cbr\u003eif the modulus (`p` parameter) is too large.\u003cbr\u003e\u003cbr\u003eTrying to use a very large modulus is slow and OpenSSL will not allow using\u003cbr\u003epublic keys with a modulus which is over 10,000 bits in length for signature\u003cbr\u003everification. However the key and parameter check functions do not limit\u003cbr\u003ethe modulus size when performing the checks.\u003cbr\u003e\u003cbr\u003eAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\u003cbr\u003eand supplies a key or parameters obtained from an untrusted source could be\u003cbr\u003evulnerable to a Denial of Service attack.\u003cbr\u003e\u003cbr\u003eThese functions are not called by OpenSSL itself on untrusted DSA keys so\u003cbr\u003eonly applications that directly call these functions may be vulnerable.\u003cbr\u003e\u003cbr\u003eAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\u003cbr\u003ewhen using the `-check` option.\u003cbr\u003e\u003cbr\u003eThe OpenSSL SSL/TLS implementation is not affected by this issue.\u003cbr\u003e\u003cbr\u003eThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-606\", \"description\": \"CWE-606 Unchecked Input for Loop Condition\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2024-10-14T14:56:01.784Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-4603\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-14T14:56:01.784Z\", \"dateReserved\": \"2024-05-07T11:44:02.196Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2024-05-16T15:21:20.050Z\", \"assignerShortName\": \"openssl\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}