The OpenSSL project team recently
announced the release of OpenSSL version 3.0.7, to be made available on Tuesday, November 1st between 1300-1700 UTC. The update is a security fix for a vulnerability in OpenSSL 3.0.x. We strongly recommend that developers and administrators prioritize patching any instances of OpenSSL 3 in their environment when the fix releases on Tuesday.
This article will be updated as more information becomes available.
To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.
On 1 November 2022, OpenSSL released an
advisory about CVE-2022-3786 (“X.509 Email Address Variable Length Buffer Overflow”) and CVE-2022-3602 (“X.509 Email Address 4-byte Buffer Overflow”). CVE-2022-3602 was originally assessed by the OpenSSL project as CRITICAL, but was later reduced to HIGH severity. More information about this can be found in the corresponding OpenSSL
blog post. Additional information can be found in this Trellix
blog post.
Security Bulletin
SB10390 is also now available.
CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the '.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3602
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3602
CVE-2022-3786
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the '.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3786
