Headline
RHSA-2023:1199: Red Hat Security Advisory: openssl security and bug fix update
An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-4203: A flaw was found in OpenSSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.
- CVE-2022-4304: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OAEP, and RSASVE.
- CVE-2022-4450: A double-free vulnerability was found in OpenSSL’s PEM_read_bio_ex function. The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the “name” (for example, “CERTIFICATE”), any header data, and the payload data. If the function succeeds, then the “name_out,” “header,” and “data” arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. Constructing a PEM file that results in 0 bytes of payload data is possible. In this case, PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a freed buffer. A double-free will occur if the caller also frees this buffer. This will most likely lead to a crash. This could be exploited by an attacker who can supply malicious PEM files for parsing to achieve a denial of service attack.
- CVE-2023-0215: A use-after-free vulnerability was found in OpenSSL’s BIO_new_NDEF function. The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally by OpenSSL to support the SMIME, CMS, and PKCS7 streaming capabilities, but it may also be called directly by end-user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter BIO is freed and the function returns a NULL result indicating a failure. However, in this case the BIO chain is not properly cleaned up, and the BIO passed by the caller still retains internal pointers to the previously freed filter BIO. If the caller then calls BIO_pop() on the BIO, a use-after-free will occur, possibly resulting in a crash.
- CVE-2023-0216: A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. This may result in an application crash, which could lead to a denial of service. The TLS implementation in OpenSSL does not call these functions; however, third-party applications might call them on untrusted data.
- CVE-2023-0217: A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted sources, which could allow an attacker to cause a denial of service.
- CVE-2023-0286: A type confusion vulnerability was found in OpenSSL when processing X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and the CRL, neither of which needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is likely to affect only applications that have implemented their own functionality for retrieving CRLs over a network.
- CVE-2023-0401: A NULL pointer dereference was found in OpenSSL, which can occur when signatures are being verified on PKCS7 signed or signedAndEnveloped data. If the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available, the digest initialization will fail. A missing check of the return value from the initialization function later leads to invalid usage of the digest API, most likely resulting in a crash.
Synopsis
Moderate: openssl security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for openssl is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
- openssl: read buffer overflow in X.509 certificate verification (CVE-2022-4203)
- openssl: timing attack in RSA Decryption implementation (CVE-2022-4304)
- openssl: double free after calling PEM_read_bio_ex (CVE-2022-4450)
- openssl: use-after-free following BIO_new_NDEF (CVE-2023-0215)
- openssl: invalid pointer dereference in d2i_PKCS7 functions (CVE-2023-0216)
- openssl: NULL dereference validating DSA public key (CVE-2023-0217)
- openssl: X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
- openssl: NULL dereference during PKCS7 data verification (CVE-2023-0401)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode (BZ#2144001)
- In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 (BZ#2144004)
- stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake (BZ#2144009)
- In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator (BZ#2144011)
- In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator (BZ#2144013)
- In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator (BZ#2144016)
- In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 (BZ#2144018)
- In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator (BZ#2144020)
- In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator (BZ#2145171)
- OpenSSL FIPS checksum code needs update (BZ#2158413)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.
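Two post-update checks that follow from the Solution section, as an added example (not Red Hat tooling and not part of the advisory): whether the installed openssl-libs build is at or above the fixed build 3.0.1-46.el9_0 from the package list, using a simplified RPM version comparison, and which running processes still map a libssl/libcrypto from a file that the update replaced on disk (the "(deleted)" marker in /proc/<pid>/maps), and so still run the old code until restarted. The /proc maps text is a constructed sample.

```python
"""Post-update checks for RHSA-2023:1199 (added example; not Red Hat tooling).

1. is_fixed(): is the installed openssl-libs VERSION-RELEASE at or above the
   fixed build 3.0.1-46.el9_0 named in this advisory?
2. stale_openssl_mappings(): which OpenSSL shared objects does a process still
   map from a file that was replaced on disk?  The kernel appends "(deleted)"
   to such pathnames in /proc/<pid>/maps; those processes must be restarted
   before the update takes effect, as the Solution section requires.
"""
import re
from pathlib import Path

# Fixed build taken from the advisory's package list (VERSION-RELEASE).
FIXED_EVR = "3.0.1-46.el9_0"

# Obtain the installed value on a host with:
#   rpm -q --qf '%{VERSION}-%{RELEASE}\n' openssl-libs
# EPOCH is omitted; this example assumes both sides of the comparison share
# the same epoch, which holds within one package stream.

_SEGMENT = re.compile(r"\d+|[A-Za-z]+")


def rpm_vercmp(a: str, b: str) -> int:
    """Simplified rpmvercmp over alternating numeric/alpha segments.

    Numeric segments compare as integers, alpha segments lexically, and a
    numeric segment sorts after an alpha one, as rpm does.  Returns -1/0/1.
    rpm's tilde/caret rules are omitted; these builds do not use them.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            xi, yi = int(x), int(y)
            if xi != yi:
                return 1 if xi > yi else -1
        elif x.isdigit():
            return 1
        elif y.isdigit():
            return -1
        elif x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def is_fixed(installed_evr: str, fixed_evr: str = FIXED_EVR) -> bool:
    """True if installed VERSION-RELEASE is >= the fixed VERSION-RELEASE."""
    iv, ir = installed_evr.split("-", 1)
    fv, fr = fixed_evr.split("-", 1)
    # Release only decides the order when the versions are equal.
    c = rpm_vercmp(iv, fv) or rpm_vercmp(ir, fr)
    return c >= 0


_OPENSSL_SO = re.compile(r"/lib(ssl|crypto)\.so\.")
_DELETED = " (deleted)"


def stale_openssl_mappings(maps_text: str) -> set:
    """Paths of libssl/libcrypto objects mapped from a since-replaced file.

    A /proc/<pid>/maps line is: address perms offset dev inode pathname.
    The pathname carries a trailing " (deleted)" when the mapped file was
    unlinked or replaced after the process loaded it.
    """
    stale = set()
    for line in maps_text.splitlines():
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue                      # anonymous mapping, no pathname
        path = fields[5].rstrip()
        if path.endswith(_DELETED) and _OPENSSL_SO.search(path):
            stale.add(path[: -len(_DELETED)])
    return stale


def processes_needing_restart(proc_root: str = "/proc") -> dict:
    """Scan a live /proc; returns {pid: stale OpenSSL paths}.

    Processes whose maps cannot be read (other users' processes without
    privilege, or processes that exited mid-scan) are skipped silently.
    """
    found = {}
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            stale = stale_openssl_mappings((entry / "maps").read_text())
        except OSError:
            continue
        if stale:
            found[int(entry.name)] = stale
    return found


# Constructed sample of /proc/<pid>/maps lines (not captured from a real host):
# libcrypto was replaced by the update, libssl was not, libz is not OpenSSL.
SAMPLE_MAPS = """\
7f1c2a000000-7f1c2a02a000 r--p 00000000 fd:00 1234567 /usr/lib64/libcrypto.so.3.0.1 (deleted)
7f1c2a02a000-7f1c2a1d6000 r-xp 0002a000 fd:00 1234567 /usr/lib64/libcrypto.so.3.0.1 (deleted)
7f1c2b000000-7f1c2b022000 r--p 00000000 fd:00 1234568 /usr/lib64/libssl.so.3.0.1
7f1c2c000000-7f1c2c010000 r--p 00000000 fd:00 1234569 /usr/lib64/libz.so.1.2.11 (deleted)
7ffd3c000000-7ffd3c021000 rw-p 00000000 00:00 0 [stack]
"""

if __name__ == "__main__":
    for evr in ("3.0.1-45.el9_0", "3.0.1-46.el9_0", "3.0.7-6.el9_2"):
        print(evr, "fixed" if is_fixed(evr) else "VULNERABLE")
    print("stale in sample:", stale_openssl_mappings(SAMPLE_MAPS))
    print("live processes needing restart:", processes_needing_restart())
```

On RHEL hosts the needs-restarting utility shipped in yum-utils answers the same restart question across all updated libraries.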
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
- BZ - 2144001 - HMAC generation should reject key lengths < 112 bits or provide an indicator in FIPS mode [rhel-9.0.0.z]
- BZ - 2144004 - In FIPS mode, openssl should set a minimum length for passwords in PBKDF2 [rhel-9.0.0.z]
- BZ - 2144007 - FIPS self-test data for RSA-CRT contains incorrect parameters [rhel-9.0.0.z]
- BZ - 2144009 - stunnel consumes high amount of memory when pestered with TCP connections without a TLS handshake [rhel-9.0.0.z]
- BZ - 2144011 - In FIPS mode, openssl should reject SHAKE as digest for RSA-OAEP or provide an indicator [rhel-9.0.0.z]
- BZ - 2144013 - In FIPS mode, openssl should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator [rhel-9.0.0.z]
- BZ - 2144016 - In FIPS mode, openssl should reject RSA signatures with X9.31 padding, or provide an indicator [rhel-9.0.0.z]
- BZ - 2144018 - In FIPS mode, openssl should reject SHA-224, SHA-384, SHA-512-224, and SHA-512-256 as hashes for hash-based DRBGs, or provide an indicator after 2023-05-16 [rhel-9.0.0.z]
- BZ - 2144020 - In FIPS mode, openssl should reject KDF input and output key lengths < 112 bits or provide an indicator [rhel-9.0.0.z]
- BZ - 2145171 - In FIPS mode, openssl should reject RSA keys < 2048 bits when using EVP_PKEY_decapsulate, or provide an indicator [rhel-9.0.0.z]
- BZ - 2158413 - OpenSSL FIPS checksum code needs update [rhel-9.0.0.z]
- BZ - 2164440 - CVE-2023-0286 openssl: X.400 address type confusion in X.509 GeneralName
- BZ - 2164487 - CVE-2022-4304 openssl: timing attack in RSA Decryption implementation
- BZ - 2164488 - CVE-2022-4203 openssl: read buffer overflow in X.509 certificate verification
- BZ - 2164492 - CVE-2023-0215 openssl: use-after-free following BIO_new_NDEF
- BZ - 2164494 - CVE-2022-4450 openssl: double free after calling PEM_read_bio_ex
- BZ - 2164497 - CVE-2023-0216 openssl: invalid pointer dereference in d2i_PKCS7 functions
- BZ - 2164499 - CVE-2023-0217 openssl: NULL dereference validating DSA public key
- BZ - 2164500 - CVE-2023-0401 openssl: NULL dereference during PKCS7 data verification
CVEs
- CVE-2022-4203
- CVE-2022-4304
- CVE-2022-4450
- CVE-2023-0215
- CVE-2023-0216
- CVE-2023-0217
- CVE-2023-0286
- CVE-2023-0401
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
x86_64
- openssl-3.0.1-46.el9_0.x86_64.rpm
- openssl-debuginfo-3.0.1-46.el9_0.i686.rpm
- openssl-debuginfo-3.0.1-46.el9_0.x86_64.rpm
- openssl-debugsource-3.0.1-46.el9_0.i686.rpm
- openssl-debugsource-3.0.1-46.el9_0.x86_64.rpm
- openssl-devel-3.0.1-46.el9_0.i686.rpm
- openssl-devel-3.0.1-46.el9_0.x86_64.rpm
- openssl-libs-3.0.1-46.el9_0.i686.rpm
- openssl-libs-3.0.1-46.el9_0.x86_64.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.i686.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.x86_64.rpm
- openssl-perl-3.0.1-46.el9_0.x86_64.rpm
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
s390x
- openssl-3.0.1-46.el9_0.s390x.rpm
- openssl-debuginfo-3.0.1-46.el9_0.s390x.rpm
- openssl-debugsource-3.0.1-46.el9_0.s390x.rpm
- openssl-devel-3.0.1-46.el9_0.s390x.rpm
- openssl-libs-3.0.1-46.el9_0.s390x.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.s390x.rpm
- openssl-perl-3.0.1-46.el9_0.s390x.rpm
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
ppc64le
- openssl-3.0.1-46.el9_0.ppc64le.rpm
- openssl-debuginfo-3.0.1-46.el9_0.ppc64le.rpm
- openssl-debugsource-3.0.1-46.el9_0.ppc64le.rpm
- openssl-devel-3.0.1-46.el9_0.ppc64le.rpm
- openssl-libs-3.0.1-46.el9_0.ppc64le.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.ppc64le.rpm
- openssl-perl-3.0.1-46.el9_0.ppc64le.rpm
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
aarch64
- openssl-3.0.1-46.el9_0.aarch64.rpm
- openssl-debuginfo-3.0.1-46.el9_0.aarch64.rpm
- openssl-debugsource-3.0.1-46.el9_0.aarch64.rpm
- openssl-devel-3.0.1-46.el9_0.aarch64.rpm
- openssl-libs-3.0.1-46.el9_0.aarch64.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.aarch64.rpm
- openssl-perl-3.0.1-46.el9_0.aarch64.rpm
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
ppc64le
- openssl-3.0.1-46.el9_0.ppc64le.rpm
- openssl-debuginfo-3.0.1-46.el9_0.ppc64le.rpm
- openssl-debugsource-3.0.1-46.el9_0.ppc64le.rpm
- openssl-devel-3.0.1-46.el9_0.ppc64le.rpm
- openssl-libs-3.0.1-46.el9_0.ppc64le.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.ppc64le.rpm
- openssl-perl-3.0.1-46.el9_0.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
x86_64
- openssl-3.0.1-46.el9_0.x86_64.rpm
- openssl-debuginfo-3.0.1-46.el9_0.i686.rpm
- openssl-debuginfo-3.0.1-46.el9_0.x86_64.rpm
- openssl-debugsource-3.0.1-46.el9_0.i686.rpm
- openssl-debugsource-3.0.1-46.el9_0.x86_64.rpm
- openssl-devel-3.0.1-46.el9_0.i686.rpm
- openssl-devel-3.0.1-46.el9_0.x86_64.rpm
- openssl-libs-3.0.1-46.el9_0.i686.rpm
- openssl-libs-3.0.1-46.el9_0.x86_64.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.i686.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.x86_64.rpm
- openssl-perl-3.0.1-46.el9_0.x86_64.rpm
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
aarch64
- openssl-3.0.1-46.el9_0.aarch64.rpm
- openssl-debuginfo-3.0.1-46.el9_0.aarch64.rpm
- openssl-debugsource-3.0.1-46.el9_0.aarch64.rpm
- openssl-devel-3.0.1-46.el9_0.aarch64.rpm
- openssl-libs-3.0.1-46.el9_0.aarch64.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.aarch64.rpm
- openssl-perl-3.0.1-46.el9_0.aarch64.rpm
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0
SRPM
- openssl-3.0.1-46.el9_0.src.rpm
s390x
- openssl-3.0.1-46.el9_0.s390x.rpm
- openssl-debuginfo-3.0.1-46.el9_0.s390x.rpm
- openssl-debugsource-3.0.1-46.el9_0.s390x.rpm
- openssl-devel-3.0.1-46.el9_0.s390x.rpm
- openssl-libs-3.0.1-46.el9_0.s390x.rpm
- openssl-libs-debuginfo-3.0.1-46.el9_0.s390x.rpm
- openssl-perl-3.0.1-46.el9_0.s390x.rpm
Red Hat Security Advisory 2023-0584-01 - Secondary Scheduler Operator for Red Hat OpenShift 1.1.1. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-1326-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.0. Issues addressed include bypass, denial of service, information leakage, out of bounds read, and remote SQL injection vulnerabilities.
Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...
Red Hat Security Advisory 2023-2110-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.16. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-2104-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-2098-01 - Multicluster Engine for Kubernetes 2.0.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
Red Hat Advanced Cluster Management for Kubernetes 2.5.8 General Availability release images, which fix bugs and include security updates for container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and include security updates for container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3841: A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauth...
Red Hat Security Advisory 2023-2061-01 - Multicluster Engine for Kubernetes 2.1.6 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.
Red Hat Security Advisory 2023-2023-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
Red Hat Security Advisory 2023-1887-01 - Multicluster Engine for Kubernetes 2.2.3 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a denial of service vulnerability.
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.7 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40186: A flaw was found in HashiCorp Vault and Vault Enterprise, where they could allow a locally authenticated attacker to gain unauthorized access to the system, caused by a flaw in the alias naming schema implementation for mount accessors with shared alias n...
Red Hat Security Advisory 2023-1816-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
Red Hat Security Advisory 2023-1888-01 - Red Hat Advanced Cluster Management for Kubernetes 2.7.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service and server-side request forgery vulnerabilities.
Red Hat Security Advisory 2023-1893-01 - Red Hat Multicluster Engine Hotfix Security Update for Console. Red Hat Product Security has rated this update as having a security impact of Critical.
Red Hat Multicluster Engine Hotfix Security Update for Console Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-29017: A flaw was found in vm2 where the component was not properly handling asynchronous errors. This flaw allows a remote, unauthenticated attacker to escape the restrictions of the sandbox and execute code on the host. * CVE-2023-29199: There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, al...
Red Hat Advanced Cluster Management for Kubernetes 2.7.3 General Availability release images, which fix bugs and include security updates for container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3841: A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauth...
Multicluster Engine for Kubernetes 2.2.3 General Availability release images, which fix bugs and include security updates for container images. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server. * CVE-2023-29017: A flaw was found in vm2 where the component...
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through...
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.2 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While ...
Red Hat Security Advisory 2023-1525-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.59.
Red Hat Security Advisory 2023-1504-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.34.
Red Hat Security Advisory 2023-1310-01 - An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate.
An update is now available for Logging Subsystem for Red Hat OpenShift - 5.5.9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41717: A flaw was found in the net/http library of the golang package. This flaw allows an attacker to cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large...
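The two CVE-2022-41717 entries above (the OpenShift Data Foundation 4.12.2 and Logging Subsystem 5.5.9 updates) describe a Go net/http server growing its per-connection header-key cache when a client sends very large header keys. The practical hardening on the application side is to give every `http.Server` an explicit, small header budget instead of relying on the 1 MiB default. The following is an added example, written for this page and not code from Red Hat, Go, or any of the advisories: it starts a throwaway server with a 4 KiB `MaxHeaderBytes`, sends one normal and one oversized request, and returns the status codes so the limit can be checked rather than assumed. It uses `net/http/httptest`, which speaks HTTP/1.1, so what it exercises directly is the HTTP/1.x header limit; the 4 KiB budget, the `X-Padding` header name and the 32 KiB payload are arbitrary values chosen for the demonstration.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"strings"
	"time"
)

// newHardenedServer wraps h in an unstarted httptest server whose underlying
// http.Server carries an explicit header budget and a header read timeout.
// Example configuration, not a project default: the values are assumptions.
func newHardenedServer(h http.Handler, maxHeaderBytes int) *httptest.Server {
	srv := httptest.NewUnstartedServer(h)
	srv.Config.MaxHeaderBytes = maxHeaderBytes     // cap on request header bytes
	srv.Config.ReadHeaderTimeout = 5 * time.Second // bound slow-header clients too
	return srv
}

// probeHeaderLimit starts a server with the given header budget, sends a single
// GET carrying one header value of headerLen bytes, and returns the HTTP status
// the server answered with. A request within budget is served normally; one
// that exceeds it is refused with 431 Request Header Fields Too Large.
func probeHeaderLimit(maxHeaderBytes, headerLen int) (int, error) {
	srv := newHardenedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
	}), maxHeaderBytes)
	srv.Start()
	defer srv.Close()

	req, err := http.NewRequest(http.MethodGet, srv.URL, nil)
	if err != nil {
		return 0, err
	}
	// Constructed oversized header: the attacker-controlled key/value bytes that
	// the advisory text describes, sent as one long value here.
	req.Header.Set("X-Padding", strings.Repeat("a", headerLen))

	resp, err := srv.Client().Do(req)
	if err != nil {
		return 0, err
	}
	defer resp.Body.Close()
	_, _ = io.Copy(io.Discard, resp.Body)
	return resp.StatusCode, nil
}

func main() {
	const budget = 4 << 10 // 4 KiB header budget (assumption for the demo)
	for _, n := range []int{64, 32 << 10} {
		code, err := probeHeaderLimit(budget, n)
		fmt.Printf("header value of %d bytes against a %d-byte budget: status=%d err=%v\n", n, budget, code, err)
	}
}
```

The check is worth keeping in a service's own test suite: it fails loudly if someone later constructs an `http.Server` without the limit, and the same `MaxHeaderBytes` field is what the patched Go releases use to bound the HTTP/2 header-key cache in bytes rather than by entry count.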
Red Hat Security Advisory 2023-1437-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
Red Hat Security Advisory 2023-1439-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
Red Hat Security Advisory 2023-1438-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
An update for openssl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0286: A type confusion vulnerability was found in OpenSSL when processing X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to r...
An update for openssl is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0286: A type confusion vulnerability was found in OpenSSL when processing X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to r...
An update for openssl is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0286: A type confusion vulnerability was found in OpenSSL when processing X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to ...
An update for openssl is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0286: A type confusion vulnerability was found in OpenSSL when processing X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling...
An update for openssl is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4304: A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding...
Red Hat Security Advisory 2023-1335-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.
An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0286: A type confusion vulnerability was found in OpenSSL when processing X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cau...
Red Hat Security Advisory 2023-1199-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Issues addressed include buffer overflow, double free, and use-after-free vulnerabilities.
The bundle management subsystem within OpenHarmony-v3.1.4 and prior versions has a null pointer dereference vulnerability that local attackers can exploit to cause a DoS attack on the system when installing a malicious HAP package.
An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4203: A flaw was found in OpenSSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite...
An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4203: A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite...
An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4203: A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite...
An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4203: A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite...
An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4203: A flaw was found in Open SSL. A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification, and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite...
The OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks. Tracked as CVE-2023-0286, the issue relates to a case of type confusion that may permit an adversary to "read memory contents or enact a denial-of-service," the maintainers said in an advisory. The
A timing-based side channel exists in the OpenSSL RSA decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OAEP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.
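The flaw described above is in the RSA decryption arithmetic itself, not in the padding check that runs on its output, but the padding check is where a Bleichenbacher oracle classically leaks and it is the simplest place to see what "timing depends on the plaintext" means. The following is an added example, not OpenSSL code: a PKCS#1 v1.5 type 2 unpad written the leaky way (early exit at the first violation) beside a constant-time version that examines every byte and accumulates the verdict as a mask. The function names, the constant-time helpers and the three constructed test blocks (`EM_OK`, `EM_SHORT_PS`, `EM_NO_SEP`) are assumptions for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not OpenSSL code. PKCS#1 v1.5 type 2 encryption block:
 *   0x00 || 0x02 || PS (at least 8 non-zero bytes) || 0x00 || M
 * If the time taken by the check depends on where it fails, a network
 * attacker learns which checks passed for each trial ciphertext. */

/* Leaky variant: returns at the first violation, so timing reveals which one. */
int pkcs1_v15_unpad_leaky(const uint8_t *em, size_t emlen,
                          uint8_t *out, size_t *outlen)
{
    size_t i;
    if (emlen < 11 || em[0] != 0x00 || em[1] != 0x02)
        return 0;
    for (i = 2; i < emlen && em[i] != 0x00; i++)
        ;
    if (i == emlen || i < 10)       /* no separator, or PS shorter than 8 bytes */
        return 0;
    *outlen = emlen - i - 1;
    memcpy(out, em + i + 1, *outlen);
    return 1;
}

/* Constant-time primitives: 0xFF for true, 0x00 for false, no data-dependent branch. */
static uint8_t ct_is_zero8(uint8_t x)         { return (uint8_t)(((uint32_t)x - 1u) >> 8); }
static uint8_t ct_eq8(uint8_t a, uint8_t b)   { return ct_is_zero8(a ^ b); }
static size_t  ct_mask(uint8_t m)             { return (size_t)0 - (size_t)(m & 1u); }
/* 0xFF if a < b; valid for values well below SIZE_MAX / 2. */
static uint8_t ct_lt(size_t a, size_t b)
{
    return (uint8_t)(0u - (uint8_t)((a - b) >> (sizeof(size_t) * 8 - 1)));
}

/* Constant-time variant: every byte is examined regardless of content and the
 * verdict is folded into the output length instead of branching on it. */
int pkcs1_v15_unpad_ct(const uint8_t *em, size_t emlen,
                       uint8_t *out, size_t *outlen)
{
    uint8_t good, found = 0;
    size_t i, zero_idx = 0, msglen;

    if (emlen < 11)                 /* emlen is the modulus size: public, may branch */
        return 0;

    good = ct_eq8(em[0], 0x00) & ct_eq8(em[1], 0x02);
    for (i = 2; i < emlen; i++) {
        uint8_t is_zero = ct_is_zero8(em[i]);
        uint8_t first   = is_zero & (uint8_t)~found;   /* only the first 0x00 counts */
        zero_idx |= ct_mask(first) & i;
        found    |= is_zero;
    }
    good &= found;                  /* a separator exists ...                       */
    good &= ct_lt(9, zero_idx);     /* ... and PS has at least 8 bytes (index >= 10) */

    /* The copy itself is a plain memcpy here; a full implementation also moves
     * the message into place with masks so that msglen does not leak. */
    msglen  = (emlen - zero_idx - 1) & ct_mask(good);
    memcpy(out, em + zero_idx + 1, msglen);
    *outlen = msglen;
    return good & 1;
}

/* Constructed 13-byte test blocks (a 13-byte "modulus" keeps the example short). */
const uint8_t EM_OK[13]       = {0x00,0x02,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x00,'h','i'};
const uint8_t EM_SHORT_PS[13] = {0x00,0x02,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x00,0x88,0x00,'h'};
const uint8_t EM_NO_SEP[13]   = {0x00,0x02,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB};
```

Both functions accept and reject the same inputs; the difference is only in how long they take to say so. Note that the constant-time version still branches on `emlen`, which is fine because the modulus length is public, and that the trailing `memcpy` is the remaining data-dependent step a production implementation has to address.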
The public API function `BIO_new_NDEF` is a helper function used for streaming ASN.1 data via a `BIO`. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a `BIO` from the caller, prepends a new `BIO_f_asn1` filter `BIO` onto the front of it to form a `BIO` chain, and then returns the new head of the `BIO` chain to the caller. Under certain conditions, for example if a CMS recipient public key is invalid, the new filter `BIO` is freed and the function returns a `NULL` result indicating a failure. However, in this case, the `BIO` chain is not properly cleaned up and the `BIO` passed by the caller still retains internal pointers to the previously freed filter `BIO`. If the caller then goes on to call `BIO_pop()` on the `BIO` then a use-after-free will occur. This will most likely result in a crash. This scenario occurs directly in the internal function `B64...
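The ordering mistake described above (free the new head of a chain, but leave the caller's object pointing at it) is easy to reproduce outside OpenSSL. The following is an added example, not OpenSSL code: a doubly linked chain stands in for the `BIO` chain, `prepend_filter_buggy` frees the filter node without unlinking it, and `prepend_filter_fixed` unlinks first. The type and function names (`chain_node`, `chain_pop`, `prepend_filter_*`, `caller_left_dangling`) and the `setup_ok` flag standing in for "the recipient key was valid" are assumptions for this example.

```c
#include <stdlib.h>

/* Added example, not OpenSSL code. A two-way linked chain modelled loosely on
 * a BIO chain: next_node points toward the sink (like BIO next_bio), prev_node
 * toward the head (like BIO prev_bio). */
typedef struct chain_node {
    struct chain_node *next_node;
    struct chain_node *prev_node;
    int is_filter;
} chain_node;

chain_node *chain_new(int is_filter)
{
    chain_node *n = calloc(1, sizeof *n);
    if (n)
        n->is_filter = is_filter;
    return n;
}

/* Link filter in front of b; the filter becomes the new head of the chain. */
static chain_node *chain_push(chain_node *filter, chain_node *b)
{
    filter->next_node = b;
    b->prev_node = filter;
    return filter;
}

/* Remove b from the chain and relink its neighbours, like BIO_pop(). If
 * b->prev_node points at freed memory, the first assignment below is the
 * use-after-free the advisory describes. */
chain_node *chain_pop(chain_node *b)
{
    chain_node *rest = b->next_node;
    if (b->prev_node)
        b->prev_node->next_node = b->next_node;
    if (b->next_node)
        b->next_node->prev_node = b->prev_node;
    b->prev_node = b->next_node = NULL;
    return rest;
}

/* setup_ok stands for the work done after prepending (e.g. checking a recipient key). */
chain_node *prepend_filter_buggy(chain_node *b, int setup_ok)
{
    chain_node *f = chain_new(1);
    if (!f)
        return NULL;
    chain_push(f, b);
    if (!setup_ok) {
        free(f);                 /* b->prev_node still points at f: dangling */
        return NULL;
    }
    return f;
}

chain_node *prepend_filter_fixed(chain_node *b, int setup_ok)
{
    chain_node *f = chain_new(1);
    if (!f)
        return NULL;
    chain_push(f, b);
    if (!setup_ok) {
        chain_pop(f);            /* unlink first, so b->prev_node becomes NULL */
        free(f);
        return NULL;
    }
    return f;
}

/* Returns 1 if the caller's node still references the freed filter after a
 * failed prepend, 0 if the failure path left the chain clean. */
int caller_left_dangling(int use_fixed)
{
    chain_node *b = chain_new(0);
    chain_node *head = use_fixed ? prepend_filter_fixed(b, 0)
                                 : prepend_filter_buggy(b, 0);
    int dangling = (head == NULL) && (b->prev_node != NULL);
    if (!dangling)
        chain_pop(b);            /* what a real caller would do; only safe when clean */
    free(b);
    return dangling;
}
```

The check is deliberately a pointer comparison rather than a `chain_pop` on the dangling case, since popping there is exactly the crash; under AddressSanitizer the buggy path would be reported at the first write through `b->prev_node`.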
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the `d2i_PKCS7()`, `d2i_PKCS7_bio()` or `d2i_PKCS7_fp()` functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.
The function `PEM_read_bio_ex()` reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case `PEM_read_bio_ex()` will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. This will most likely lead to a crash. This could be exploited by an attacker who has the ability to supply malicious PEM files for parsing to achieve a denial of service attack. The functions `PEM_read_bio()` and `PEM_read()` are simple wrappers around `PEM_read_bio_ex()` and therefore these functions are also directly affected. The...
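The contract that makes this a double free is "the caller owns the output buffers": once a pointer has been handed to the caller through an out-parameter, the callee must not free it. The following is an added example, not OpenSSL code: a minimal PEM reader in a buggy form, which stores the header pointer before the payload-length check and then frees it on the error path, and a fixed form, which assigns the out-parameters only on success and sets them to NULL on every failure. The reader, its base64 helper and the two constructed inputs (`PEM_HELLO`, and `PEM_EMPTY` whose body decodes to 0 bytes) are assumptions for this example; it mirrors the shape of the failure mode described above, not OpenSSL's actual code.

```c
#include <stdlib.h>
#include <string.h>

/* Added example, not OpenSSL code. Hypothetical names throughout. */

static int b64_val(int c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decodes base64 text (whitespace and '=' ignored) into a malloc'd buffer.
 * Returns the length, or -1 on malformed input. An empty body decodes to 0. */
static long b64_decode(const char *s, size_t n, unsigned char **out)
{
    unsigned char *buf = malloc(n ? n : 1);
    long len = 0;
    unsigned acc = 0;
    int bits = 0;
    if (!buf)
        return -1;
    for (size_t i = 0; i < n; i++) {
        int c = (unsigned char)s[i], v;
        if (c == '\n' || c == '\r' || c == ' ' || c == '\t' || c == '=')
            continue;
        if ((v = b64_val(c)) < 0) { free(buf); return -1; }
        acc = (acc << 6) | (unsigned)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            buf[len++] = (unsigned char)(acc >> bits);
            acc &= (1u << bits) - 1u;
        }
    }
    *out = buf;
    return len;
}

static char *dupn(const char *s, size_t n)
{
    char *p = malloc(n + 1);
    if (p) { memcpy(p, s, n); p[n] = '\0'; }
    return p;
}

/* Locates name, header lines (those before the first blank line, if any) and
 * body inside the BEGIN/END armour. Returns 0 if the framing is malformed. */
static int pem_split(const char *pem, const char **name, size_t *name_len,
                     const char **hdr, size_t *hdr_len,
                     const char **body, size_t *body_len)
{
    const char *b = strstr(pem, "-----BEGIN "), *nl, *e, *blank;
    if (!b) return 0;
    *name = b + 11;
    nl = strchr(*name, '\n');
    if (!nl || nl - *name < 5 || memcmp(nl - 5, "-----", 5) != 0) return 0;
    *name_len = (size_t)(nl - 5 - *name);
    e = strstr(nl + 1, "-----END ");
    if (!e) return 0;
    *hdr = nl + 1;
    blank = strstr(nl + 1, "\n\n");
    if (blank && blank < e) { *hdr_len = (size_t)(blank + 1 - *hdr); *body = blank + 2; }
    else                    { *hdr_len = 0;                          *body = nl + 1;   }
    *body_len = (size_t)(e - *body);
    return 1;
}

/* Buggy: header_out is populated before the payload check, then freed on the
 * error path, so a caller that frees all outputs on failure double-frees it. */
int pem_read_buggy(const char *pem, char **name_out, char **header_out,
                   unsigned char **data_out, long *len_out)
{
    const char *nm, *hd, *bd; size_t nml, hdl, bdl;
    unsigned char *payload = NULL; long n;
    if (!pem_split(pem, &nm, &nml, &hd, &hdl, &bd, &bdl)) return 0;
    *name_out = dupn(nm, nml);
    *header_out = dupn(hd, hdl);      /* already handed to the caller */
    n = b64_decode(bd, bdl, &payload);
    if (n <= 0) {                     /* 0 bytes of payload is treated as an error */
        free(*header_out);            /* *header_out now dangles */
        free(payload);
        return 0;
    }
    *data_out = payload; *len_out = n;
    return 1;
}

/* Fixed: work on locals, publish to the caller only on success, and leave every
 * out-parameter NULL on failure so an unconditional free() is a harmless no-op. */
int pem_read_fixed(const char *pem, char **name_out, char **header_out,
                   unsigned char **data_out, long *len_out)
{
    const char *nm, *hd, *bd; size_t nml, hdl, bdl;
    char *name = NULL, *header = NULL; unsigned char *payload = NULL; long n;
    *name_out = NULL; *header_out = NULL; *data_out = NULL; *len_out = 0;
    if (!pem_split(pem, &nm, &nml, &hd, &hdl, &bd, &bdl)) return 0;
    name = dupn(nm, nml);
    header = dupn(hd, hdl);
    n = b64_decode(bd, bdl, &payload);
    if (!name || !header || n <= 0) {
        free(name); free(header); free(payload);   /* locals only; outputs stay NULL */
        return 0;
    }
    *name_out = name; *header_out = header; *data_out = payload; *len_out = n;
    return 1;
}

/* The caller pattern from the advisory: it owns and frees all three buffers.
 * Returns the payload length, or -1 when the reader reports failure. */
int count_payload_bytes(const char *pem)
{
    char *name, *header; unsigned char *data; long len;
    int ok = pem_read_fixed(pem, &name, &header, &data, &len);
    free(name); free(header); free(data);
    return ok ? (int)len : -1;
}

/* Constructed inputs: a normal blob ("hello"), and one with a header but a body
 * that decodes to 0 bytes. */
const char *const PEM_HELLO = "-----BEGIN THING-----\naGVsbG8=\n-----END THING-----\n";
const char *const PEM_EMPTY = "-----BEGIN THING-----\nFoo: bar\n\n-----END THING-----\n";
```

Running `count_payload_bytes(PEM_EMPTY)` against the fixed reader is safe because every out-pointer is NULL on the failure path; the same caller against `pem_read_buggy` would free the header twice. That is also the practical defensive rule for callers of any API with this ownership model: treat out-parameters as undefined after a failure return unless the documentation says otherwise, and initialise them to NULL yourself before the call.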
An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the `EVP_PKEY_public_check()` function. This will most likely lead to an application crash. This function can be called on public keys supplied from untrusted sources which could allow an attacker to cause a denial of service attack. The TLS implementation in OpenSSL does not call this function but applications might call the function if there are additional security requirements imposed by standards such as FIPS 140-3.
A `NULL` pointer can be dereferenced when signatures are being verified on PKCS7 `signed` or `signedAndEnveloped` data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail. There is a missing check for the return value from the initialization function which later leads to invalid usage of the digest API most likely leading to a crash. The unavailability of an algorithm can be caused by using FIPS enabled configuration of providers or more commonly by not loading the legacy provider. PKCS7 data is processed by the SMIME library calls and also by the time stamp (TS) library calls. The TLS implementation in OpenSSL does not call these functions however third party applications would be affected if they call these functions to verify signatures on untrusted data.
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 0.8.1-39.0.0 are vulnerable to a security issue. More details about the vulnerabilities themselves can be found in https://www.openssl.org/news/secadv/20221213.txt and https://www.openssl.org/news/secadv/20230207.txt. If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) need to update their cryptography versions.
Ubuntu Security Notice 5845-2 - USN-5845-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. David Benjamin discovered that OpenSSL incorrectly handled X.400 address processing. A remote attacker could possibly use this issue to read arbitrary memory contents or cause OpenSSL to crash, resulting in a denial of service.