cve-2023-5678
Vulnerability from cvelistv5
Published
2023-11-06 15:47
Modified
2024-08-02 08:07
Severity
Summary
Excessive time spent in DH check / generation with large Q parameter value
References
SourceURLTags
openssl-security@openssl.orghttp://www.openwall.com/lists/oss-security/2024/03/11/1
openssl-security@openssl.orghttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055Broken Link
openssl-security@openssl.orghttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0cBroken Link
openssl-security@openssl.orghttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017Mailing List, Patch
openssl-security@openssl.orghttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6Mailing List, Patch
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20231130-0010/
openssl-security@openssl.orghttps://www.openssl.org/news/secadv/20231106.txtVendor Advisory
Impacted products
VendorProduct
OpenSSLOpenSSL
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:07:32.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "OpenSSL Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20231106.txt"
          },
          {
            "name": "1.0.2zj git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055"
          },
          {
            "name": "1.1.1x git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c"
          },
          {
            "name": "3.0.13 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017"
          },
          {
            "name": "3.1.5 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231130-0010/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/11/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "1.0.2zj",
              "status": "affected",
              "version": "1.0.2",
              "versionType": "custom"
            },
            {
              "lessThan": "1.1.1x",
              "status": "affected",
              "version": "1.1.1",
              "versionType": "custom"
            },
            {
              "lessThan": "3.0.13",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.1.5",
              "status": "affected",
              "version": "3.1.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "David Benjamin (Google)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Richard Levitte"
        }
      ],
      "datePublic": "2023-11-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: Generating excessively long X9.42 DH keys or checking\u003cbr\u003eexcessively long X9.42 DH keys or parameters may be very slow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use the functions DH_generate_key() to\u003cbr\u003egenerate an X9.42 DH key may experience long delays.  Likewise, applications\u003cbr\u003ethat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\u003cbr\u003eto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\u003cbr\u003eWhere the key or parameters that are being checked have been obtained from\u003cbr\u003ean untrusted source this may lead to a Denial of Service.\u003cbr\u003e\u003cbr\u003eWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\u003cbr\u003eDH_check_pub_key() doesn\u0027t make any of these checks, and is therefore\u003cbr\u003evulnerable for excessively large P and Q parameters.\u003cbr\u003e\u003cbr\u003eLikewise, while DH_generate_key() performs a check for an excessively large\u003cbr\u003eP, it doesn\u0027t check for an excessively large Q.\u003cbr\u003e\u003cbr\u003eAn application that calls DH_generate_key() or DH_check_pub_key() and\u003cbr\u003esupplies a key or parameters obtained from an untrusted source could be\u003cbr\u003evulnerable to a Denial of Service attack.\u003cbr\u003e\u003cbr\u003eDH_generate_key() and DH_check_pub_key() are also called by a number of\u003cbr\u003eother OpenSSL functions.  An application calling any of those other\u003cbr\u003efunctions may similarly be affected.  The other functions affected by this\u003cbr\u003eare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\u003cbr\u003e\u003cbr\u003eAlso vulnerable are the OpenSSL pkey command line application when using the\u003cbr\u003e\"-pubcheck\" option, as well as the OpenSSL genpkey command line application.\u003cbr\u003e\u003cbr\u003eThe OpenSSL SSL/TLS implementation is not affected by this issue.\u003cbr\u003e\u003cbr\u003eThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Issue summary: Generating excessively long X9.42 DH keys or checking\nexcessively long X9.42 DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_generate_key() to\ngenerate an X9.42 DH key may experience long delays.  Likewise, applications\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\nWhere the key or parameters that are being checked have been obtained from\nan untrusted source this may lead to a Denial of Service.\n\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\nDH_check_pub_key() doesn\u0027t make any of these checks, and is therefore\nvulnerable for excessively large P and Q parameters.\n\nLikewise, while DH_generate_key() performs a check for an excessively large\nP, it doesn\u0027t check for an excessively large Q.\n\nAn application that calls DH_generate_key() or DH_check_pub_key() and\nsupplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nDH_generate_key() and DH_check_pub_key() are also called by a number of\nother OpenSSL functions.  An application calling any of those other\nfunctions may similarly be affected.  The other functions affected by this\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\n\nAlso vulnerable are the OpenSSL pkey command line application when using the\n\"-pubcheck\" option, as well as the OpenSSL genpkey command line application.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.\n\n"
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "LOW"
            },
            "type": "https://www.openssl.org/policies/secpolicy.html"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Excessive Iteration",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-07T13:51:56.427Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.openssl.org/news/secadv/20231106.txt"
        },
        {
          "name": "1.0.2zj git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055"
        },
        {
          "name": "1.1.1x git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c"
        },
        {
          "name": "3.0.13 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017"
        },
        {
          "name": "3.1.5 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231130-0010/"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/03/11/1"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Excessive time spent in DH check / generation with large Q parameter value",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2023-5678",
    "datePublished": "2023-11-06T15:47:30.795Z",
    "dateReserved": "2023-10-20T09:38:43.518Z",
    "dateUpdated": "2024-08-02T08:07:32.546Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-5678\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2023-11-06T16:15:42.670\",\"lastModified\":\"2024-05-01T18:15:12.393\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Generating excessively long X9.42 DH keys or checking\\nexcessively long X9.42 DH keys or parameters may be very slow.\\n\\nImpact summary: Applications that use the functions DH_generate_key() to\\ngenerate an X9.42 DH key may experience long delays.  Likewise, applications\\nthat use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()\\nto check an X9.42 DH key or X9.42 DH parameters may experience long delays.\\nWhere the key or parameters that are being checked have been obtained from\\nan untrusted source this may lead to a Denial of Service.\\n\\nWhile DH_check() performs all the necessary checks (as of CVE-2023-3817),\\nDH_check_pub_key() doesn\u0027t make any of these checks, and is therefore\\nvulnerable for excessively large P and Q parameters.\\n\\nLikewise, while DH_generate_key() performs a check for an excessively large\\nP, it doesn\u0027t check for an excessively large Q.\\n\\nAn application that calls DH_generate_key() or DH_check_pub_key() and\\nsupplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nDH_generate_key() and DH_check_pub_key() are also called by a number of\\nother OpenSSL functions.  An application calling any of those other\\nfunctions may similarly be affected.  The other functions affected by this\\nare DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().\\n\\nAlso vulnerable are the OpenSSL pkey command line application when using the\\n\\\"-pubcheck\\\" option, as well as the OpenSSL genpkey command line application.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: generar claves X9.42 DH excesivamente largas o comprobar claves o par\u00e1metros X9.42 DH excesivamente largos puede ser muy lento. Resumen de impacto: las aplicaciones que utilizan las funciones DH_generate_key() para generar una clave DH X9.42 pueden experimentar grandes retrasos. Del mismo modo, las aplicaciones que utilizan DH_check_pub_key(), DH_check_pub_key_ex() o EVP_PKEY_public_check() para comprobar una clave X9.42 DH o par\u00e1metros X9.42 DH pueden experimentar grandes retrasos. Cuando la clave o los par\u00e1metros que se est\u00e1n verificando se obtuvieron de una fuente que no es confiable, esto puede dar lugar a una Denegaci\u00f3n de Servicio. Mientras que DH_check() realiza todas las comprobaciones necesarias (a partir de CVE-2023-3817), DH_check_pub_key() no realiza ninguna de estas comprobaciones y, por lo tanto, es vulnerable a par\u00e1metros P y Q excesivamente grandes. Del mismo modo, aunque DH_generate_key() realiza una verificaci\u00f3n de una P excesivamente grande, no verifica una Q excesivamente grande. Una aplicaci\u00f3n que llama a DH_generate_key() o DH_check_pub_key() y proporciona una clave o par\u00e1metros obtenidos de una fuente que no es de confianza podr\u00eda ser vulnerable a un ataque de denegaci\u00f3n de servicio. DH_generate_key() y DH_check_pub_key() tambi\u00e9n son llamados por otras funciones de OpenSSL. Una aplicaci\u00f3n que llame a cualquiera de esas otras funciones tambi\u00e9n puede verse afectada. Las otras funciones afectadas por esto son DH_check_pub_key_ex(), EVP_PKEY_public_check() y EVP_PKEY_generate(). Tambi\u00e9n son vulnerables la aplicaci\u00f3n de l\u00ednea de comandos OpenSSL pkey cuando se utiliza la opci\u00f3n \\\"-pubcheck\\\", as\u00ed como la aplicaci\u00f3n de l\u00ednea de comandos OpenSSL genpkey. La implementaci\u00f3n de OpenSSL SSL/TLS no se ve afectada por este problema. Los proveedores FIPS OpenSSL 3.0 y 3.1 no se ven afectados por este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-754\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.2\",\"versionEndExcluding\":\"1.0.2zj\",\"matchCriteriaId\":\"E30B9424-68AA-4ED4-A1CB-3DA32A2350EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.1\",\"versionEndExcluding\":\"1.1.1x\",\"matchCriteriaId\":\"93CF937D-2520-44AF-B40B-B41720BEAB36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.0.13\",\"matchCriteriaId\":\"21346C7C-ED3A-43D4-BBCB-41D62F7ACBF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1.0\",\"versionEndExcluding\":\"3.1.5\",\"matchCriteriaId\":\"AAD34F57-90D2-415F-9544-70B594D04E53\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/03/11/1\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231130-0010/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.openssl.org/news/secadv/20231106.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.