SUSE update for openssl-3



Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2022-40735
CVE-2023-1255
CVE-2023-2650
CWE-ID CWE-400
CWE-125
CWE-399
Exploitation vector Network
Public exploit N/A
Vulnerable software
 SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15
Operating systems & Components / Operating system

Basesystem Module
Operating systems & Components / Operating system

SUSE Manager Retail Branch Server
Operating systems & Components / Operating system

SUSE Manager Server
Operating systems & Components / Operating system

SUSE Manager Proxy
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

openssl-3-doc
Operating systems & Components / Operating system package or component

libopenssl-3-devel-32bit
Operating systems & Components / Operating system package or component

libopenssl3-32bit-debuginfo
Operating systems & Components / Operating system package or component

libopenssl3-32bit
Operating systems & Components / Operating system package or component

openssl-3-debugsource
Operating systems & Components / Operating system package or component

openssl-3
Operating systems & Components / Operating system package or component

openssl-3-debuginfo
Operating systems & Components / Operating system package or component

libopenssl3
Operating systems & Components / Operating system package or component

libopenssl3-debuginfo
Operating systems & Components / Operating system package or component

libopenssl-3-devel
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Resource exhaustion

EUVDB-ID: #VU77321

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-40735

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to usage of unnecessarily expensive calculations. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package openssl-3 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Linux Enterprise Desktop 15: SP4

Basesystem Module: 15-SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

openssl-3-doc: before 3.0.8-150400.4.26.1

libopenssl-3-devel-32bit: before 3.0.8-150400.4.26.1

libopenssl3-32bit-debuginfo: before 3.0.8-150400.4.26.1

libopenssl3-32bit: before 3.0.8-150400.4.26.1

openssl-3-debugsource: before 3.0.8-150400.4.26.1

openssl-3: before 3.0.8-150400.4.26.1

openssl-3-debuginfo: before 3.0.8-150400.4.26.1

libopenssl3: before 3.0.8-150400.4.26.1

libopenssl3-debuginfo: before 3.0.8-150400.4.26.1

libopenssl-3-devel: before 3.0.8-150400.4.26.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2023/suse-su-20232470-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU75388

Risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-1255

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the AES-XTS cipher decryption implementation for 64 bit ARM platform. An attacker with ability to control the size and location of the ciphertext buffer can trigger an out-of-bounds read and crash the application.

Mitigation

Update the affected package openssl-3 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Linux Enterprise Desktop 15: SP4

Basesystem Module: 15-SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

openssl-3-doc: before 3.0.8-150400.4.26.1

libopenssl-3-devel-32bit: before 3.0.8-150400.4.26.1

libopenssl3-32bit-debuginfo: before 3.0.8-150400.4.26.1

libopenssl3-32bit: before 3.0.8-150400.4.26.1

openssl-3-debugsource: before 3.0.8-150400.4.26.1

openssl-3: before 3.0.8-150400.4.26.1

openssl-3-debuginfo: before 3.0.8-150400.4.26.1

libopenssl3: before 3.0.8-150400.4.26.1

libopenssl3-debuginfo: before 3.0.8-150400.4.26.1

libopenssl-3-devel: before 3.0.8-150400.4.26.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2023/suse-su-20232470-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource management error

EUVDB-ID: #VU76651

Risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-2650

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the application when processing OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS subsystems with no message size limit. A remote attacker can send specially crafted data to the application and perform a denial of service (DoS) attack.

Mitigation

Update the affected package openssl-3 to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Server for SAP Applications 15: SP4

SUSE Linux Enterprise Server 15: SP4

SUSE Linux Enterprise Real Time 15: SP4

SUSE Linux Enterprise High Performance Computing 15: SP4

SUSE Linux Enterprise Desktop 15: SP4

Basesystem Module: 15-SP4

SUSE Manager Retail Branch Server: 4.3

SUSE Manager Server: 4.3

SUSE Manager Proxy: 4.3

openSUSE Leap: 15.4

openssl-3-doc: before 3.0.8-150400.4.26.1

libopenssl-3-devel-32bit: before 3.0.8-150400.4.26.1

libopenssl3-32bit-debuginfo: before 3.0.8-150400.4.26.1

libopenssl3-32bit: before 3.0.8-150400.4.26.1

openssl-3-debugsource: before 3.0.8-150400.4.26.1

openssl-3: before 3.0.8-150400.4.26.1

openssl-3-debuginfo: before 3.0.8-150400.4.26.1

libopenssl3: before 3.0.8-150400.4.26.1

libopenssl3-debuginfo: before 3.0.8-150400.4.26.1

libopenssl-3-devel: before 3.0.8-150400.4.26.1

CPE2.3 External links

https://www.suse.com/support/update/announcement/2023/suse-su-20232470-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###