Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-3996: x509: fix double locking problem · openssl/openssl@7725e7b

If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the -policy' argument to the command line utilities or by calling eitherX509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.

CVE
#vulnerability#windows#dos#git#auth#ssl

Skip to content

Sign up

    • Actions

      Automate any workflow

    • Packages

      Host and manage packages

    • Security

      Find and fix vulnerabilities

    • Codespaces

      Instant dev environments

    • Copilot

      Write better code with AI

    • Code review

      Manage code changes

    • Issues

      Plan and track work

    • Discussions

      Collaborate outside of code

*   Explore
*   All features
*   Documentation
*   GitHub Skills
*   Blog
    • For

    • Enterprise

    • Teams

    • Startups

    • Education

    • By Solution

    • CI/CD & Automation

    • DevOps

    • DevSecOps

    • Case Studies

    • Customer Stories

    • Resources

    • GitHub Sponsors

      Fund open source developers

*   The ReadME Project
    
    GitHub community articles
    

*   Repositories
*   Topics
*   Trending
*   Collections
  • Pricing

  • In this repository All GitHub

  • No suggested jump to results

  • In this repository All GitHub

  • In this organization All GitHub

  • In this repository All GitHub

Sign in

Sign up

openssl / openssl Public

  • Notifications
  • Fork 8.7k
  • Star 20.4k
  • Code
  • Issues 1.8k
  • Pull requests 275
  • Actions
  • Projects 2
  • Wiki
  • Security
  • Insights

More

Permalink

Browse files

x509: fix double locking problem

This reverts commit 9aa4be6 and removed the redundant flag setting.

Fixes #19643

Fixes LOW CVE-2022-3996

Reviewed-by: Dmitry Belyavskiy [email protected] Reviewed-by: Tomas Mraz [email protected] (Merged from #19652)

(cherry picked from commit 4d0340a)

  • Loading branch information

paulidale authored and t8m committed

Dec 8, 2022

1 parent 9a5c884 commit 7725e7bfe6f2ce8146b6552b44e0d226be7638e7

Showing 1 changed file with 0 additions and 4 deletions.

4 crypto/x509/pcy_map.c

Show comments View file

@@ -73,10 +73,6 @@ int ossl_policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)

ret = 1;

bad_mapping:

if (ret == -1 && CRYPTO_THREAD_write_lock(x->lock)) {

x->ex_flags |= EXFLAG_INVALID_POLICY;

CRYPTO_THREAD_unlock(x->lock);

}

sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);

return ret;

0 comments on commit 7725e7b

Please sign in to comment.

Related news

CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

Ubuntu Security Notice USN-6039-1

Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.

OpenSSL Fixes Multiple New Security Flaws with Latest Update

The OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks. Tracked as CVE-2023-0286, the issue relates to a case of type confusion that may permit an adversary to "read memory contents or enact a denial-of-service," the maintainers said in an advisory. The

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907