csaf_redhat - rhsa-2023

rhsa-2023_6330

Vulnerability from csaf_redhat

Published

2023-11-07 09:08

Modified

2024-11-06 04:07

Summary

Red Hat Security Advisory: edk2 security, bug fix, and enhancement update

Notes

Topic

An update for edk2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fix(es): * edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler() (CVE-2019-14560) * openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for edk2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "EDK (Embedded Development Kit) is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. \n\nSecurity Fix(es):\n\n* edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler() (CVE-2019-14560)\n\n* openssl: Possible DoS translating ASN.1 object identifiers (CVE-2023-2650)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 9.3 Release Notes linked from the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:6330",
        "url": "https://access.redhat.com/errata/RHSA-2023:6330"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index"
      },
      {
        "category": "external",
        "summary": "1858038",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858038"
      },
      {
        "category": "external",
        "summary": "2055123",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2055123"
      },
      {
        "category": "external",
        "summary": "2124143",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124143"
      },
      {
        "category": "external",
        "summary": "2174749",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2174749"
      },
      {
        "category": "external",
        "summary": "2176920",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176920"
      },
      {
        "category": "external",
        "summary": "2186754",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186754"
      },
      {
        "category": "external",
        "summary": "2189136",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189136"
      },
      {
        "category": "external",
        "summary": "2203094",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203094"
      },
      {
        "category": "external",
        "summary": "2207947",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207947"
      },
      {
        "category": "external",
        "summary": "2211060",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2211060"
      },
      {
        "category": "external",
        "summary": "2218196",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218196"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6330.json"
      }
    ],
    "title": "Red Hat Security Advisory: edk2 security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-06T04:07:28+00:00",
      "generator": {
        "date": "2024-11-06T04:07:28+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2023:6330",
      "initial_release_date": "2023-11-07T09:08:13+00:00",
      "revision_history": [
        {
          "date": "2023-11-07T09:08:13+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-11-07T09:08:13+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-06T04:07:28+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.3.0.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat CodeReady Linux Builder (v. 9)",
                "product": {
                  "name": "Red Hat CodeReady Linux Builder (v. 9)",
                  "product_id": "CRB-9.3.0.GA",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::crb"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-0:20230524-3.el9.src",
                "product": {
                  "name": "edk2-0:20230524-3.el9.src",
                  "product_id": "edk2-0:20230524-3.el9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2@20230524-3.el9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-aarch64-0:20230524-3.el9.noarch",
                "product": {
                  "name": "edk2-aarch64-0:20230524-3.el9.noarch",
                  "product_id": "edk2-aarch64-0:20230524-3.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-aarch64@20230524-3.el9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-ovmf-0:20230524-3.el9.noarch",
                "product": {
                  "name": "edk2-ovmf-0:20230524-3.el9.noarch",
                  "product_id": "edk2-ovmf-0:20230524-3.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-ovmf@20230524-3.el9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-tools-doc-0:20230524-3.el9.noarch",
                "product": {
                  "name": "edk2-tools-doc-0:20230524-3.el9.noarch",
                  "product_id": "edk2-tools-doc-0:20230524-3.el9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools-doc@20230524-3.el9?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-tools-0:20230524-3.el9.aarch64",
                "product": {
                  "name": "edk2-tools-0:20230524-3.el9.aarch64",
                  "product_id": "edk2-tools-0:20230524-3.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools@20230524-3.el9?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-debugsource-0:20230524-3.el9.aarch64",
                "product": {
                  "name": "edk2-debugsource-0:20230524-3.el9.aarch64",
                  "product_id": "edk2-debugsource-0:20230524-3.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-debugsource@20230524-3.el9?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
                "product": {
                  "name": "edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
                  "product_id": "edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools-debuginfo@20230524-3.el9?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "edk2-tools-0:20230524-3.el9.x86_64",
                "product": {
                  "name": "edk2-tools-0:20230524-3.el9.x86_64",
                  "product_id": "edk2-tools-0:20230524-3.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools@20230524-3.el9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-debugsource-0:20230524-3.el9.x86_64",
                "product": {
                  "name": "edk2-debugsource-0:20230524-3.el9.x86_64",
                  "product_id": "edk2-debugsource-0:20230524-3.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-debugsource@20230524-3.el9?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
                "product": {
                  "name": "edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
                  "product_id": "edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/edk2-tools-debuginfo@20230524-3.el9?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-0:20230524-3.el9.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-0:20230524-3.el9.src"
        },
        "product_reference": "edk2-0:20230524-3.el9.src",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-aarch64-0:20230524-3.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch"
        },
        "product_reference": "edk2-aarch64-0:20230524-3.el9.noarch",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20230524-3.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64"
        },
        "product_reference": "edk2-debugsource-0:20230524-3.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20230524-3.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64"
        },
        "product_reference": "edk2-debugsource-0:20230524-3.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-ovmf-0:20230524-3.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch"
        },
        "product_reference": "edk2-ovmf-0:20230524-3.el9.noarch",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20230524-3.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64"
        },
        "product_reference": "edk2-tools-0:20230524-3.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20230524-3.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64"
        },
        "product_reference": "edk2-tools-0:20230524-3.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20230524-3.el9.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20230524-3.el9.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-doc-0:20230524-3.el9.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
        },
        "product_reference": "edk2-tools-doc-0:20230524-3.el9.noarch",
        "relates_to_product_reference": "AppStream-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-0:20230524-3.el9.src as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-0:20230524-3.el9.src"
        },
        "product_reference": "edk2-0:20230524-3.el9.src",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-aarch64-0:20230524-3.el9.noarch as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch"
        },
        "product_reference": "edk2-aarch64-0:20230524-3.el9.noarch",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20230524-3.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64"
        },
        "product_reference": "edk2-debugsource-0:20230524-3.el9.aarch64",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-debugsource-0:20230524-3.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64"
        },
        "product_reference": "edk2-debugsource-0:20230524-3.el9.x86_64",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-ovmf-0:20230524-3.el9.noarch as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch"
        },
        "product_reference": "edk2-ovmf-0:20230524-3.el9.noarch",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20230524-3.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64"
        },
        "product_reference": "edk2-tools-0:20230524-3.el9.aarch64",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-0:20230524-3.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64"
        },
        "product_reference": "edk2-tools-0:20230524-3.el9.x86_64",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20230524-3.el9.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-debuginfo-0:20230524-3.el9.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64"
        },
        "product_reference": "edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "edk2-tools-doc-0:20230524-3.el9.noarch as a component of Red Hat CodeReady Linux Builder (v. 9)",
          "product_id": "CRB-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
        },
        "product_reference": "edk2-tools-doc-0:20230524-3.el9.noarch",
        "relates_to_product_reference": "CRB-9.3.0.GA"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-14560",
      "cwe": {
        "id": "CWE-252",
        "name": "Unchecked Return Value"
      },
      "discovery_date": "2020-07-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1858038"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "No description is available for this CVE.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.3.0.GA:edk2-0:20230524-3.el9.src",
          "AppStream-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
          "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
          "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
          "AppStream-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
          "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
          "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
          "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
          "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
          "AppStream-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch",
          "CRB-9.3.0.GA:edk2-0:20230524-3.el9.src",
          "CRB-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
          "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
          "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
          "CRB-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
          "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
          "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
          "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
          "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
          "CRB-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-14560"
        },
        {
          "category": "external",
          "summary": "RHBZ#1858038",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858038"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14560",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-14560"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14560",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14560"
        }
      ],
      "release_date": "2020-07-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-11-07T09:08:13+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "AppStream-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "CRB-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:6330"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "AppStream-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "CRB-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "edk2: Function GetEfiGlobalVariable2() return value not checked in DxeImageVerificationHandler()"
    },
    {
      "cve": "CVE-2023-2650",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-05-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2207947"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in OpenSSL resulting in a possible denial of service while translating ASN.1 object identifiers. Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience long delays when processing messages, which may lead to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: Possible DoS translating ASN.1 object identifiers",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "CVE-2023-2650 can\u0027t cause DoS on machines with OpenSSL 1.1.1 and so is considered LOW for RHEL 8.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.3.0.GA:edk2-0:20230524-3.el9.src",
          "AppStream-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
          "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
          "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
          "AppStream-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
          "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
          "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
          "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
          "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
          "AppStream-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch",
          "CRB-9.3.0.GA:edk2-0:20230524-3.el9.src",
          "CRB-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
          "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
          "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
          "CRB-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
          "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
          "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
          "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
          "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
          "CRB-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-2650"
        },
        {
          "category": "external",
          "summary": "RHBZ#2207947",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207947"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-2650",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2650"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20230530.txt",
          "url": "https://www.openssl.org/news/secadv/20230530.txt"
        }
      ],
      "release_date": "2023-05-30T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-11-07T09:08:13+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "AppStream-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "CRB-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:6330"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "AppStream-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "AppStream-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "AppStream-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-0:20230524-3.el9.src",
            "CRB-9.3.0.GA:edk2-aarch64-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-debugsource-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-ovmf-0:20230524-3.el9.noarch",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.aarch64",
            "CRB-9.3.0.GA:edk2-tools-debuginfo-0:20230524-3.el9.x86_64",
            "CRB-9.3.0.GA:edk2-tools-doc-0:20230524-3.el9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "openssl: Possible DoS translating ASN.1 object identifiers"
    }
  ]
}

cve-2023-2650

Vulnerability from cvelistv5

Published

2023-05-30 13:40

Modified

2024-08-02 06:26

Severity ?

Summary

Possible DoS translating ASN.1 object identifiers

References

▼	URL	Tags
	https://www.openssl.org/news/secadv/20230530.txt	vendor-advisory
	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a	patch
	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b	patch
	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098	patch
	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c	patch
	http://www.openwall.com/lists/oss-security/2023/05/30/1
	https://www.debian.org/security/2023/dsa-5417
	https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009
	https://security.netapp.com/advisory/ntap-20230703-0001/
	https://security.netapp.com/advisory/ntap-20231027-0009/
	https://security.gentoo.org/glsa/202402-08

Impacted products

▼	Vendor	Product
	OpenSSL	OpenSSL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:26:09.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "OpenSSL Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20230530.txt"
          },
          {
            "name": "3.1.1 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a"
          },
          {
            "name": "3.0.9 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b"
          },
          {
            "name": "1.1.1u git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098"
          },
          {
            "name": "1.0.2zh patch (premium)",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/05/30/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5417"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230703-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231027-0009/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202402-08"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.1.1",
              "status": "affected",
              "version": "3.1.1",
              "versionType": "semver"
            },
            {
              "lessThan": "3.0.9",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.1.1u",
              "status": "affected",
              "version": "1.1.1",
              "versionType": "custom"
            },
            {
              "lessThan": "1.0.2zh",
              "status": "affected",
              "version": "1.0.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "OSSFuzz"
        },
        {
          "lang": "en",
          "type": "reporter",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Matt Caswell"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Richard Levitte"
        }
      ],
      "datePublic": "2023-05-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\u003cbr\u003edata containing them may be very slow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\u003cbr\u003ethe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\u003cbr\u003esize limit may experience notable to very long delays when processing those\u003cbr\u003emessages, which may lead to a Denial of Service.\u003cbr\u003e\u003cbr\u003eAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\u003cbr\u003emost of which have no size limit.  OBJ_obj2txt() may be used to translate\u003cbr\u003ean ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\u003cbr\u003etype ASN1_OBJECT) to its canonical numeric text form, which are the\u003cbr\u003esub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\u003cbr\u003eperiods.\u003cbr\u003e\u003cbr\u003eWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\u003cbr\u003e(these are sizes that are seen as absurdly large, taking up tens or hundreds\u003cbr\u003eof KiBs), the translation to a decimal number in text may take a very long\u003cbr\u003etime.  The time complexity is O(n^2) with \u0027n\u0027 being the size of the\u003cbr\u003esub-identifiers in bytes (*).\u003cbr\u003e\u003cbr\u003eWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\u003cbr\u003eidentifiers in string form was introduced.  This includes using OBJECT\u003cbr\u003eIDENTIFIERs in canonical numeric text form as identifiers for fetching\u003cbr\u003ealgorithms.\u003cbr\u003e\u003cbr\u003eSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\u003cbr\u003eAlgorithmIdentifier, which is commonly used in multiple protocols to specify\u003cbr\u003ewhat cryptographic algorithm should be used to sign or verify, encrypt or\u003cbr\u003edecrypt, or digest passed data.\u003cbr\u003e\u003cbr\u003eApplications that call OBJ_obj2txt() directly with untrusted data are\u003cbr\u003eaffected, with any version of OpenSSL.  If the use is for the mere purpose\u003cbr\u003eof display, the severity is considered low.\u003cbr\u003e\u003cbr\u003eIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\u003cbr\u003eCMS, CMP/CRMF or TS.  It also impacts anything that processes X.509\u003cbr\u003ecertificates, including simple things like verifying its signature.\u003cbr\u003e\u003cbr\u003eThe impact on TLS is relatively low, because all versions of OpenSSL have a\u003cbr\u003e100KiB limit on the peer\u0027s certificate chain.  Additionally, this only\u003cbr\u003eimpacts clients, or servers that have explicitly enabled client\u003cbr\u003eauthentication.\u003cbr\u003e\u003cbr\u003eIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\u003cbr\u003esuch as X.509 certificates.  This is assumed to not happen in such a way\u003cbr\u003ethat it would cause a Denial of Service, so these versions are considered\u003cbr\u003enot affected by this issue in such a way that it would be cause for concern,\u003cbr\u003eand the severity is therefore considered low."
            }
          ],
          "value": "Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.\n\nImpact summary: Applications that use OBJ_obj2txt() directly, or use any of\nthe OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message\nsize limit may experience notable to very long delays when processing those\nmessages, which may lead to a Denial of Service.\n\nAn OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -\nmost of which have no size limit.  OBJ_obj2txt() may be used to translate\nan ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL\ntype ASN1_OBJECT) to its canonical numeric text form, which are the\nsub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by\nperiods.\n\nWhen one of the sub-identifiers in the OBJECT IDENTIFIER is very large\n(these are sizes that are seen as absurdly large, taking up tens or hundreds\nof KiBs), the translation to a decimal number in text may take a very long\ntime.  The time complexity is O(n^2) with \u0027n\u0027 being the size of the\nsub-identifiers in bytes (*).\n\nWith OpenSSL 3.0, support to fetch cryptographic algorithms using names /\nidentifiers in string form was introduced.  This includes using OBJECT\nIDENTIFIERs in canonical numeric text form as identifiers for fetching\nalgorithms.\n\nSuch OBJECT IDENTIFIERs may be received through the ASN.1 structure\nAlgorithmIdentifier, which is commonly used in multiple protocols to specify\nwhat cryptographic algorithm should be used to sign or verify, encrypt or\ndecrypt, or digest passed data.\n\nApplications that call OBJ_obj2txt() directly with untrusted data are\naffected, with any version of OpenSSL.  If the use is for the mere purpose\nof display, the severity is considered low.\n\nIn OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,\nCMS, CMP/CRMF or TS.  It also impacts anything that processes X.509\ncertificates, including simple things like verifying its signature.\n\nThe impact on TLS is relatively low, because all versions of OpenSSL have a\n100KiB limit on the peer\u0027s certificate chain.  Additionally, this only\nimpacts clients, or servers that have explicitly enabled client\nauthentication.\n\nIn OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects,\nsuch as X.509 certificates.  This is assumed to not happen in such a way\nthat it would cause a Denial of Service, so these versions are considered\nnot affected by this issue in such a way that it would be cause for concern,\nand the severity is therefore considered low."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Moderate"
            },
            "type": "https://www.openssl.org/policies/general/security-policy.html"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "inefficient algorithmic complexity",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-30T13:40:11.963Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.openssl.org/news/secadv/20230530.txt"
        },
        {
          "name": "3.1.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a"
        },
        {
          "name": "3.0.9 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b"
        },
        {
          "name": "1.1.1u git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098"
        },
        {
          "name": "1.0.2zh patch (premium)",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/05/30/1"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5417"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230703-0001/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231027-0009/"
        },
        {
          "url": "https://security.gentoo.org/glsa/202402-08"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Possible DoS translating ASN.1 object identifiers",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2023-2650",
    "datePublished": "2023-05-30T13:40:11.963Z",
    "dateReserved": "2023-05-11T06:09:26.543Z",
    "dateUpdated": "2024-08-02T06:26:09.899Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-14560

Vulnerability from cvelistv5

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2023-02-28T00:00:00",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-14560",
    "dateRejected": "2023-02-28T00:00:00",
    "dateReserved": "2019-08-03T00:00:00",
    "dateUpdated": "2023-02-28T00:00:00",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.0"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2023_6330

Vulnerability from csaf_redhat

cve-2023-2650

Vulnerability from cvelistv5

cve-2019-14560

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature