The OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks.
Tracked as CVE-2023-0286, the issue relates to a case of type confusion that may permit an adversary to “read memory contents or enact a denial-of-service,” the maintainers said in an advisory.
The vulnerability is rooted in the way the popular cryptographic library handles X.509 certificates, and is likely to impact only those applications that have a custom implementation for retrieving a certificate revocation list (CRL) over a network.
“In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature,” OpenSSL said. “If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon.”
Type confusion flaws could have serious consequences, as they could be weaponized to deliberately force the program to behave in unintended ways, possibly causing a crash or code execution.
The issue has been patched in OpenSSL versions 3.0.8, 1.1.1t, and 1.0.2zg. Other security flaws addressed as part of the latest updates include:
- CVE-2022-4203 – X.509 Name Constraints Read Buffer Overflow
- CVE-2022-4304 – Timing Oracle in RSA Decryption
- CVE-2022-4450 – Double free after calling PEM_read_bio_ex
- CVE-2023-0215 – Use-after-free following BIO_new_NDEF
- CVE-2023-0216 – Invalid pointer dereference in d2i_PKCS7 functions
- CVE-2023-0217 – NULL dereference validating DSA public key
- CVE-2023-0401 – NULL dereference during PKCS7 data verification
Successful exploitation of the above shortcomings could lead to an application crash, disclosure of memory contents, and even recovery of plaintext messages sent over a network by taking advantage of a timing-based side channel in a Bleichenbacher-style attack.
The fixes arrive nearly two months after OpenSSL plugged a low-severity flaw (CVE-2022-3996) that arises when processing an X.509 certificate, resulting in a denial-of-service condition.
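To check a deployment against the fixed releases named above (3.0.8, 1.1.1t, 1.0.2zg), the following added example, which is not code from the OpenSSL Project or the original article, classifies an OpenSSL version string by upstream numbering. The function names and the "unknown" result for branches the article does not mention are assumptions of this sketch.

```python
import re
import ssl

# Fixed releases named in the article, keyed by release branch.
FIXED = {"3.0": "3.0.8", "1.1.1": "1.1.1t", "1.0.2": "1.0.2zg"}

_VERSION = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)(-(?:dev|alpha|beta|pre))?")


def parse(text):
    """Return ((major, minor, patch, letter_key), is_prerelease)."""
    m = _VERSION.search(text)
    if m is None:
        raise ValueError(f"no OpenSSL version in {text!r}")
    major, minor, patch = (int(g) for g in m.group(1, 2, 3))
    letters = m.group(4)
    # Pre-3.0 patch letters run a..z, then za, zb, ...; (length, text) orders them.
    return (major, minor, patch, (len(letters), letters)), m.group(5) is not None


def branch(key):
    major, minor, patch, _ = key
    # From 3.0 the branch is major.minor; earlier it is major.minor.patch.
    return f"{major}.{minor}" if major >= 3 else f"{major}.{minor}.{patch}"


def status(text):
    """Classify a version string as 'patched', 'vulnerable' or 'unknown'."""
    if "openssl" not in text.lower() and not text[:1].isdigit():
        return "unknown"  # LibreSSL, BoringSSL and other forks number differently
    key, prerelease = parse(text)
    fixed = FIXED.get(branch(key))
    if fixed is None or prerelease:
        return "unknown"  # branch not named in the article, or a pre-release build
    # Upstream numbering only: distribution packages may backport the fixes
    # without changing this string, so confirm "vulnerable" with the vendor.
    return "patched" if key >= parse(fixed)[0] else "vulnerable"


if __name__ == "__main__":
    print(ssl.OPENSSL_VERSION, "->", status(ssl.OPENSSL_VERSION))
```

Run directly, it reports the OpenSSL build linked into the Python interpreter; pass the output of `openssl version` to `status()` to check the system binary instead.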