github - ghsa-jq65-29v4-4x35

ghsa-jq65-29v4-4x35

Vulnerability from github

Published

2021-08-25 20:45

Modified

2021-08-19 21:21

Severity

7.5 (High) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

Null pointer deference in openssl-src

Details

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "openssl-src"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "111.6.0"
            },
            {
              "fixed": "111.9.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-1967"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-19T21:21:21Z",
    "nvd_published_at": "2020-04-21T14:15:00Z",
    "severity": "HIGH"
  },
  "details": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).",
  "id": "GHSA-jq65-29v4-4x35",
  "modified": "2021-08-19T21:21:21Z",
  "published": "2021-08-25T20:45:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1967"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2021-10"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2020-11"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2020-04"
    },
    {
      "type": "WEB",
      "url": "https://www.tenable.com/security/tns-2020-03"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL"
    },
    {
      "type": "WEB",
      "url": "https://www.synology.com/security/advisory/Synology_SA_20_05"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujul2020.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.openssl.org/news/secadv/20200421.txt"
    },
    {
      "type": "WEB",
      "url": "https://www.debian.org/security/2020/dsa-4661"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200717-0004"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20200424-0003"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/202004-10"
    },
    {
      "type": "WEB",
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2020-0015.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440"
    },
    {
      "type": "WEB",
      "url": "https://github.com/irsl/CVE-2020-1967"
    },
    {
      "type": "WEB",
      "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2020/May/5"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/04/22/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Null pointer deference in openssl-src "
}

cve-2020-1967

Vulnerability from cvelistv5

Published

2020-04-21 13:45

Modified

2024-09-17 03:13

Severity

Summary

Segmentation fault in SSL_check_chain

References

URL	Tags
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:11.openssl.asc	vendor-advisory, x_refsource_FREEBSD
https://www.debian.org/security/2020/dsa-4661	vendor-advisory, x_refsource_DEBIAN
http://www.openwall.com/lists/oss-security/2020/04/22/2	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r9a41e304992ce6aec6585a87842b4f2e692604f5c892c37e3b0587ee%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r66ea9c436da150683432db5fbc8beb8ae01886c6459ac30c2cea7345%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
https://lists.apache.org/thread.html/r94d6ac3f010a38fccf4f432b12180a13fa1cf303559bd805648c9064%40%3Cdev.tomcat.apache.org%3E	mailing-list, x_refsource_MLIST
https://security.gentoo.org/glsa/202004-10	vendor-advisory, x_refsource_GENTOO
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/	vendor-advisory, x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/	vendor-advisory, x_refsource_FEDORA
http://seclists.org/fulldisclosure/2020/May/5	mailing-list, x_refsource_FULLDISC
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/	vendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html	vendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html	vendor-advisory, x_refsource_SUSE
https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
https://www.tenable.com/security/tns-2020-03	x_refsource_CONFIRM
https://www.openssl.org/news/secadv/20200421.txt	x_refsource_CONFIRM
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=eb563247aef3e83dda7679c43f9649270462e5b1	x_refsource_CONFIRM
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44440	x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20200424-0003/	x_refsource_CONFIRM
https://www.synology.com/security/advisory/Synology_SA_20_05_OpenSSL	x_refsource_CONFIRM
https://github.com/irsl/CVE-2020-1967	x_refsource_MISC
http://packetstormsecurity.com/files/157527/OpenSSL-signature_algorithms_cert-Denial-Of-Service.html	x_refsource_MISC
https://www.synology.com/security/advisory/Synology_SA_20_05	x_refsource_CONFIRM
https://www.tenable.com/security/tns-2020-04	x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuoct2020.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-20200717-0004/	x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpujan2021.html	x_refsource_MISC
https://www.tenable.com/security/tns-2020-11	x_refsource_CONFIRM
https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC
https://www.tenable.com/security/tns-2021-10	x_refsource_CONFIRM
https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC
https://www.oracle.com/security-alerts/cpuoct2021.html	x_refsource_MISC

Impacted products

Vendor	Product
OpenSSL	OpenSSL

Show details on NVD website