SUSE update for openssl-3
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU68896
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-3786
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The
vulnerability exists due to a boundary error when processing the email
address field length inside a X.509 certificate. A remote attacker can supply a
specially crafted certificate to the application, trigger a buffer overflow and crash the application.
Mitigation
Update the affected package openssl-3 to the latest version.
Vulnerable software versionsSUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Basesystem: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
SUSE Linux Enterprise Server: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
SUSE Linux Enterprise High Performance Computing: 15-SP4
libopenssl3-32bit-debuginfo: before 3.0.1-150400.4.14.1
libopenssl3-32bit: before 3.0.1-150400.4.14.1
libopenssl-3-devel-32bit: before 3.0.1-150400.4.14.1
openssl-3-doc: before 3.0.1-150400.4.14.1
openssl-3-debugsource: before 3.0.1-150400.4.14.1
openssl-3-debuginfo: before 3.0.1-150400.4.14.1
openssl-3: before 3.0.1-150400.4.14.1
libopenssl3-debuginfo: before 3.0.1-150400.4.14.1
libopenssl3: before 3.0.1-150400.4.14.1
libopenssl-3-devel: before 3.0.1-150400.4.14.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20224586-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Improper locking
EUVDB-ID: #VU70142
Risk: Low
CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-3996
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack (DoS).
The vulnerability exists due to double-locking error if an X.509 certificate contains a malformed policy constraint and policy processing is enabled. A remote attacker can under certain circumstances perform a denial of service attack against the web server.
Successful exploitation of the vulnerability requires that policy processing being enabled on the server.
Update the affected package openssl-3 to the latest version.
Vulnerable software versionsSUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
SUSE Linux Enterprise Module for Basesystem: 15-SP4
SUSE Linux Enterprise Desktop: 15-SP4
SUSE Linux Enterprise Server: 15-SP4
openSUSE Leap: 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP4
SUSE Linux Enterprise High Performance Computing: 15-SP4
libopenssl3-32bit-debuginfo: before 3.0.1-150400.4.14.1
libopenssl3-32bit: before 3.0.1-150400.4.14.1
libopenssl-3-devel-32bit: before 3.0.1-150400.4.14.1
openssl-3-doc: before 3.0.1-150400.4.14.1
openssl-3-debugsource: before 3.0.1-150400.4.14.1
openssl-3-debuginfo: before 3.0.1-150400.4.14.1
openssl-3: before 3.0.1-150400.4.14.1
libopenssl3-debuginfo: before 3.0.1-150400.4.14.1
libopenssl3: before 3.0.1-150400.4.14.1
libopenssl-3-devel: before 3.0.1-150400.4.14.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20224586-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
