Red Hat Security Advisory 2023-3722-01
Red Hat Security Advisory 2023-3722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer over-read and denial of service vulnerabilities.
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: openssl security and bug fix update
Advisory ID: RHSA-2023:3722-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3722
Issue date: 2023-06-21
CVE Names: CVE-2023-0464 CVE-2023-0465 CVE-2023-0466
CVE-2023-1255 CVE-2023-2650
=====================================================================
- Summary:
An update for openssl is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.
Security Fix(es):
* openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)
* openssl: Denial of service by excessive resource usage in verifying X509 policy constraints (CVE-2023-0464)
* openssl: Invalid certificate policies in leaf certificates are silently ignored (CVE-2023-0465)
* openssl: Certificate policy check not enabled (CVE-2023-0466)
* openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM (CVE-2023-1255)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
* In FIPS mode, openssl KDFs should only allow selected hash algorithms (BZ#2175860)
* In FIPS mode, openssl should reject short KDF input or output keys or provide an indicator (BZ#2175864)
* In FIPS mode, openssl should provide an indicator for AES-GCM to query whether the IV was generated internally or provided externally (BZ#2175868)
* openssl FIPS mode self-test should zeroize out in verify_integrity in providers/fips/self_test.c (BZ#2175873)
* In FIPS mode, openssl should not support RSA encryption or decryption without padding (outside of RSASVE) or provide an indicator (BZ#2178029)
* In FIPS mode, openssl should reject EVP_PKEY_fromdata() for short DHX keys, or provide an indicator (BZ#2178030)
* In FIPS mode, openssl should not use the legacy ECDSA_do_sign(), RSA_public_encrypt(), RSA_private_decrypt() functions for pairwise consistency tests (BZ#2178034)
* In FIPS mode, openssl should enter error state when DH PCT fails (BZ#2178039)
* In FIPS mode, openssl should always run the PBKDF2 lower bounds checks or provide an indicator when the pkcs5 parameter is set to 1 (BZ#2178137)
* Support requiring EMS in TLS 1.2, default to it when in FIPS mode (BZ#2188046)
* OpenSSL rsa_verify_recover doesn’t use the same key checks as rsa_verify in FIPS mode (BZ#2188052)
* RHEL9.0 - sshd dumps core when ibmca engine is configured with default_algorithms = CIPHERS or ALL (openssl) (BZ#2211396)
- Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.
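To check the restart requirement above, this added example (not part of the Red Hat advisory) lists processes that still map the replaced libssl/libcrypto files. The function names and the sample maps lines are constructed for illustration, and a Linux /proc filesystem is assumed.

```shell
#!/usr/bin/env bash
# Added example: find processes still running the pre-update OpenSSL code.
# The updated package keeps upstream version 3.0.7, so the library file names
# usually stay the same and cannot tell old from new once loaded. The reliable
# sign is a mapping whose backing file was unlinked by the update: the kernel
# appends " (deleted)" to that line in /proc/<pid>/maps.

# Constructed sample of /proc/<pid>/maps content (not captured from a host).
SAMPLE_MAPS='7f3a10000000-7f3a100b2000 r--p 00000000 fd:00 262301 /usr/lib64/libcrypto.so.3.0.7 (deleted)
7f3a100b2000-7f3a10310000 r-xp 000b2000 fd:00 262301 /usr/lib64/libcrypto.so.3.0.7 (deleted)
7f3a10600000-7f3a1061e000 r--p 00000000 fd:00 262305 /usr/lib64/libssl.so.3.0.7 (deleted)
7f3a10a00000-7f3a10a28000 r--p 00000000 fd:00 262144 /usr/lib64/libc.so.6
7f3a10c00000-7f3a10c21000 rw-p 00000000 00:00 0 [heap]'

# stale_openssl_maps: filter maps text (stdin) down to the unique OpenSSL
# shared-object paths whose on-disk file has been replaced.
# maps columns: address perms offset dev inode pathname ["(deleted)"]
stale_openssl_maps() {
    awk '$NF == "(deleted)" && $6 ~ "/lib(ssl|crypto)\\.so[^/]*$" { print $6 }' |
        sort -u
}

# needs_restart: succeed (exit 0) when the maps text on stdin shows at least
# one stale libssl/libcrypto mapping.
needs_restart() {
    [ -n "$(stale_openssl_maps)" ]
}

# scan_proc [PROC_ROOT]: print "pid<TAB>comm<TAB>stale-lib" for every process
# under PROC_ROOT (default /proc) that still maps a replaced OpenSSL library.
scan_proc() {
    local root="${1:-/proc}" dir pid comm lib
    for dir in "$root"/[0-9]*; do
        # Reading other users' maps needs root; unreadable entries are skipped.
        [ -r "$dir/maps" ] || continue
        pid="${dir##*/}"
        comm="$(cat "$dir/comm" 2>/dev/null || echo '?')"
        stale_openssl_maps < "$dir/maps" 2>/dev/null |
            while IFS= read -r lib; do
                printf '%s\t%s\t%s\n' "$pid" "$comm" "$lib"
            done
    done
}

# Live scan only when asked for, so sourcing this file has no side effects.
if [ "${1:-}" = "--scan" ]; then
    scan_proc
fi
```

Run it as root with `--scan` after applying the update; every process it prints needs a restart before the fixes take effect for it.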
- Bugs fixed (https://bugzilla.redhat.com/):
2175860 - In FIPS mode, openssl KDFs should only allow selected hash algorithms [rhel-9.2.0.z]
2175864 - In FIPS mode, openssl should reject short KDF input or output keys or provide an indicator [rhel-9.2.0.z]
2175868 - In FIPS mode, openssl should provide an indicator for AES-GCM to query whether the IV was generated internally or provided externally [rhel-9.2.0.z]
2175873 - openssl FIPS mode self-test should zeroize out in verify_integrity in providers/fips/self_test.c [rhel-9.2.0.z]
2178029 - In FIPS mode, openssl should not support RSA encryption or decryption without padding (outside of RSASVE) or provide an indicator [rhel-9.2.0.z]
2178030 - In FIPS mode, openssl should reject EVP_PKEY_fromdata() for short DHX keys, or provide an indicator [rhel-9.2.0.z]
2178034 - In FIPS mode, openssl should not use the legacy ECDSA_do_sign(), RSA_public_encrypt(), RSA_private_decrypt() functions for pairwise consistency tests [rhel-9.2.0.z]
2178039 - In FIPS mode, openssl should enter error state when DH PCT fails [rhel-9.2.0.z]
2178137 - In FIPS mode, openssl should always run the PBKDF2 lower bounds checks or provide an indicator when the pkcs5 parameter is set to 1 [rhel-9.2.0.z]
2179379 - In FIPS mode, openssl should indicate that RSA encryption and RSASVE are unapproved [rhel-9.2.0.z]
2181082 - CVE-2023-0464 openssl: Denial of service by excessive resource usage in verifying X509 policy constraints
2182561 - CVE-2023-0465 openssl: Invalid certificate policies in leaf certificates are silently ignored
2182565 - CVE-2023-0466 openssl: Certificate policy check not enabled
2188046 - Support requiring EMS in TLS 1.2, default to it when in FIPS mode [rhel-9.2.0.z]
2188052 - OpenSSL rsa_verify_recover doesn’t use the same key checks as rsa_verify in FIPS mode [rhel-9.2.0.z]
2188461 - CVE-2023-1255 openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM
2207947 - CVE-2023-2650 openssl: Possible DoS translating ASN.1 object identifiers
- Package List:
Red Hat Enterprise Linux AppStream (v. 9):
aarch64:
openssl-debuginfo-3.0.7-16.el9_2.aarch64.rpm
openssl-debugsource-3.0.7-16.el9_2.aarch64.rpm
openssl-devel-3.0.7-16.el9_2.aarch64.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.aarch64.rpm
openssl-perl-3.0.7-16.el9_2.aarch64.rpm
ppc64le:
openssl-debuginfo-3.0.7-16.el9_2.ppc64le.rpm
openssl-debugsource-3.0.7-16.el9_2.ppc64le.rpm
openssl-devel-3.0.7-16.el9_2.ppc64le.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.ppc64le.rpm
openssl-perl-3.0.7-16.el9_2.ppc64le.rpm
s390x:
openssl-debuginfo-3.0.7-16.el9_2.s390x.rpm
openssl-debugsource-3.0.7-16.el9_2.s390x.rpm
openssl-devel-3.0.7-16.el9_2.s390x.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.s390x.rpm
openssl-perl-3.0.7-16.el9_2.s390x.rpm
x86_64:
openssl-debuginfo-3.0.7-16.el9_2.i686.rpm
openssl-debuginfo-3.0.7-16.el9_2.x86_64.rpm
openssl-debugsource-3.0.7-16.el9_2.i686.rpm
openssl-debugsource-3.0.7-16.el9_2.x86_64.rpm
openssl-devel-3.0.7-16.el9_2.i686.rpm
openssl-devel-3.0.7-16.el9_2.x86_64.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.i686.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.x86_64.rpm
openssl-perl-3.0.7-16.el9_2.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 9):
Source:
openssl-3.0.7-16.el9_2.src.rpm
aarch64:
openssl-3.0.7-16.el9_2.aarch64.rpm
openssl-debuginfo-3.0.7-16.el9_2.aarch64.rpm
openssl-debugsource-3.0.7-16.el9_2.aarch64.rpm
openssl-libs-3.0.7-16.el9_2.aarch64.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.aarch64.rpm
ppc64le:
openssl-3.0.7-16.el9_2.ppc64le.rpm
openssl-debuginfo-3.0.7-16.el9_2.ppc64le.rpm
openssl-debugsource-3.0.7-16.el9_2.ppc64le.rpm
openssl-libs-3.0.7-16.el9_2.ppc64le.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.ppc64le.rpm
s390x:
openssl-3.0.7-16.el9_2.s390x.rpm
openssl-debuginfo-3.0.7-16.el9_2.s390x.rpm
openssl-debugsource-3.0.7-16.el9_2.s390x.rpm
openssl-libs-3.0.7-16.el9_2.s390x.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.s390x.rpm
x86_64:
openssl-3.0.7-16.el9_2.x86_64.rpm
openssl-debuginfo-3.0.7-16.el9_2.i686.rpm
openssl-debuginfo-3.0.7-16.el9_2.x86_64.rpm
openssl-debugsource-3.0.7-16.el9_2.i686.rpm
openssl-debugsource-3.0.7-16.el9_2.x86_64.rpm
openssl-libs-3.0.7-16.el9_2.i686.rpm
openssl-libs-3.0.7-16.el9_2.x86_64.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.i686.rpm
openssl-libs-debuginfo-3.0.7-16.el9_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2023-0464
https://access.redhat.com/security/cve/CVE-2023-0465
https://access.redhat.com/security/cve/CVE-2023-0466
https://access.redhat.com/security/cve/CVE-2023-1255
https://access.redhat.com/security/cve/CVE-2023-2650
https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc.
Related news
Ubuntu Security Notice 6672-1 - Morgan Jones discovered that Node.js incorrectly handled certain inputs, leading to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. It was discovered that Node.js incorrectly handled certain inputs, leading to an untrusted search path vulnerability. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation.
Gentoo Linux Security Advisory 202402-8 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in denial of service. Versions greater than or equal to 3.0.10 are affected.
Red Hat Security Advisory 2023-7626-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2 is now available. Issues addressed include buffer overflow, denial of service, information leakage, and integer overflow vulnerabilities.
Red Hat Security Advisory 2023-7625-03 - An update is now available for Red Hat JBoss Core Services. Issues addressed include buffer overflow, denial of service, and information leakage vulnerabilities.
Red Hat Security Advisory 2023-7623-03 - Red Hat JBoss Web Server 5.7.7 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Issues addressed include denial of service and open redirection vulnerabilities.
Red Hat Security Advisory 2023-7622-03 - An update is now available for Red Hat JBoss Web Server 5.7.7 on Red Hat Enterprise Linux versions 7, 8, and 9. Issues addressed include denial of service and open redirection vulnerabilities.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551.
Dell PowerScale OneFS 8.2.x, 9.0.0.x-9.5.0.x contains an improper handling of insufficient permissions. A low privileged remote attacker could potentially exploit this vulnerability to cause information disclosure.
Under certain conditions, Nessus Network Monitor could allow a low privileged user to escalate privileges to NT AUTHORITY\SYSTEM on Windows hosts by replacing a specially crafted file.
Vulnerability in the Sun ZFS Storage Appliance product of Oracle Systems (component: Core). The supported version that is affected is 8.8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Sun ZFS Storage Appliance. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Sun ZFS Storage Appliance. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
cert-manager Operator for Red Hat OpenShift 1.10.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specia...
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.13.1 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.
Red Hat Security Advisory 2023-4226-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.6.
Red Hat OpenShift Container Platform release 4.13.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number...
OpenShift sandboxed containers 1.4.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Advisory 2023-4091-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.5. Issues addressed include a denial of service vulnerability.
Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server c...
Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).
Red Hat Security Advisory 2023-3925-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.23.
Red Hat OpenShift Container Platform release 4.12.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-...
Network Observability 1.3.0 for OpenShift. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Templates containing multiple actions separated by a '/' character could result in unexpectedly closing the CSS context and allowing for the injection of unexpected HTML if executed with untrusted input. * CVE-2023-24540: A flaw was found in golang,...
Ubuntu Security Notice 6188-1 - Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service.
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. A remote low privileged malicious user could potentially exploit this vulnerability to retrieve the plain text.
Debian Linux Security Advisory 5417-1 - Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit.
Ubuntu Security Notice 6119-1 - Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1 object identifiers. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher decryption on 64-bit ARM platforms. An attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04.
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. T...
Ubuntu Security Notice 6039-1 - It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. David Benjamin discovered that OpenSSL was not properly performing the verification of X.509 certificate chains that include policy constraints, which could lead to excessive resource consumption. If a user or automated system were tricked into processing a specially crafted X.509 certificate chain that includes policy constraints, a remote attacker could possibly use this issue to cause a denial of service.
Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm is usually used for disk encryption. The AES-XTS cipher decryption implementation for 64 bit ARM platform will read past the end of the ciphertext buffer if the ciphertext size is 4 mod 5, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext buffer is unmapped, this will trigger a crash which results in a denial of service. If an attacker can control the size and location of the ciphertext buffer being decrypted by an application using AES-XTS on 64 bit ARM, the application is affected. This is fairly unlikely making this issue a Low severity one.
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function. Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument. Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.
Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.
A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.