Select your cookie preferences

We use cookies and similar tools to enhance your experience, provide our services, deliver relevant advertising, and make improvements. Approved third parties also use these tools to help us deliver advertising and provide certain site features.

CVE-2023-0286

Public on 2023-02-08
Modified on 2023-06-12
Description

A type confusion vulnerability was found in OpenSSL when OpenSSL X.400 addresses processing inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or cause a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, of which neither needs a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. In this case, this vulnerability is likely only to affect applications that have implemented their own functionality for retrieving CRLs over a network.

Severity
Important
See what this means
CVSS v3 Base Score
8.1
See breakdown
Continue reading

Affected Packages

Platform Package Release Date Advisory
Amazon Linux 1 openssl 2023-02-03 23:39 ALAS-2023-1683
Amazon Linux 2 - Core openssl 2023-02-03 19:19 ALAS2-2023-1935
Amazon Linux 2023 openssl 2023-02-17 20:48 ALAS2023-2023-101
Amazon Linux 2 - Openssl-snapsafe Extra openssl-snapsafe 2023-07-17 19:30 ALAS2OPENSSL-SNAPSAFE-2023-002
Amazon Linux 2 - Core openssl11 2023-02-03 19:19 ALAS2-2023-1934
Amazon Linux 2 - Core edk2 2024-03-13 20:26 ALAS2-2024-2502

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 8.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
NVD CVSSv3 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H