CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-4450 – Double free after calling PEM_read_bio_ex
https://notcve.org/view.php?id=CVE-2022-4450
07 Feb 2023 — The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will popula... • https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=63bcf189be73a9cc1264059bed6f57974be74a83 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-0215 – Use-after-free following BIO_new_NDEF
https://notcve.org/view.php?id=CVE-2023-0215
07 Feb 2023 — The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receives a BIO from the caller, prepends a new BIO_f_asn1 filter BIO onto the front of it to form a BIO chain, and then returns the new head of the BIO chain to the caller. Under certain conditions, for example if a CMS recipient public ke... • https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8818064ce3c3c0f1b740a5aaba2a987e75bfbafd • CWE-416: Use After Free •
CVSS: 7.4EPSS: 85%CPEs: 9EXPL: 0CVE-2023-0286 – X.400 address type confusion in X.509 GeneralName
https://notcve.org/view.php?id=CVE-2023-0286
07 Feb 2023 — There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may a... • https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.2-relnotes.txt • CWE-704: Incorrect Type Conversion or Cast CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 1CVE-2022-2097 – AES OCB fails to encrypt some bytes
https://notcve.org/view.php?id=CVE-2022-2097
05 Jul 2022 — AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). • https://github.com/PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu • CWE-325: Missing Cryptographic Step CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 10.0EPSS: 71%CPEs: 50EXPL: 1CVE-2022-2068 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-2068
21 Jun 2022 — In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where... • https://packetstorm.news/files/id/182466 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 76%CPEs: 59EXPL: 5CVE-2022-1292 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-1292
03 May 2022 — The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). • https://github.com/alcaparra/CVE-2022-1292 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 11%CPEs: 32EXPL: 8CVE-2022-0778 – Infinite loop in BN_mod_sqrt() reachable when parsing certificates
https://notcve.org/view.php?id=CVE-2022-0778
15 Mar 2022 — The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of ... • https://packetstorm.news/files/id/167344 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.9EPSS: 0%CPEs: 35EXPL: 0CVE-2021-4160 – BN_mod_exp may produce incorrect results on MIPS
https://notcve.org/view.php?id=CVE-2021-4160
28 Jan 2022 — There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because ... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf •
CVSS: 7.5EPSS: 27%CPEs: 28EXPL: 1CVE-2021-4044 – Invalid handling of X509_verify_cert() internal errors in libssl
https://notcve.org/view.php?id=CVE-2021-4044
14 Dec 2021 — Internally libssl in OpenSSL calls X509_verify_cert() on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error (for example out of memory). Such a negative return value is mishandled by OpenSSL and will cause an IO function (such as SSL_connect() or SSL_do_handshake()) to not indicate success and a subsequent call to SSL_get_error() to return the value SSL_ERROR_WANT_RETRY_VERIFY. This return value is only supposed to be ... • https://github.com/phirojshah/CVE-2021-4044 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.4EPSS: 0%CPEs: 56EXPL: 0CVE-2021-3712 – Read buffer overruns processing ASN.1 strings
https://notcve.org/view.php?id=CVE-2021-3712
24 Aug 2021 — ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set... • http://www.openwall.com/lists/oss-security/2021/08/26/2 • CWE-125: Out-of-bounds Read •