Описание
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
A NULL pointer dereference flaw was found in the way OpenSSL handled certain TLS handshake messages. This flaw allows an unauthenticated attacker to cause a server application compiled with OpenSSL to crash, causing a denial of service. In some cases a malicious server could also cause a client compiled with OpenSSL to crash.
Отчет
This flaw was introduced by the following OpenSSL commit:
https://github.com/openssl/openssl/commit/5235ef44b93306a14d0b6c695b13c64b16e1fdec
which was shipped as a part of OpenSSL-1.1.1d, therefore older versions are not affected by this flaw.
OpenSSL packages shipped with Red Hat Products are NOT affected by this flaw.
The affected signature_algorithm_cert check which causes the flaw is only applied to TLS 1.3, therefore older versions of TLS are not be affected by this flaw.
Also, the vulnerable SSL_check_chain() is not called directly from libssl, but may be used by the application inside a callback (e.g., client_hello or cert callback) to verify that a candidate certificate chain will be acceptable to the client. Thus, applications that use openssl without invoking the SSL_check_chain() function are not vulnerable to this flaw.
Lastly, no Red Hat Middleware products ship the affected version of OpenSSL. However, some components, such as Netty and Wildfly, may be configured by customers to use any OpenSSL version. Customers who have configured their setups to use a vulnerable version of OpenSSL are advised to upgrade to the latest unaffected version immediately.
Меры по смягчению последствий
Applications compiled with OpenSSL >= 1.1.1d that either use openssl without invoking the SSL_check_chain() function or do not use TLS 1.3 are not vulnerable to this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | openssl | Not affected | ||
| Red Hat Enterprise Linux 5 | openssl097a | Not affected | ||
| Red Hat Enterprise Linux 6 | openssl | Not affected | ||
| Red Hat Enterprise Linux 6 | openssl098e | Not affected | ||
| Red Hat Enterprise Linux 7 | openssl | Not affected | ||
| Red Hat Enterprise Linux 7 | openssl098e | Not affected | ||
| Red Hat Enterprise Linux 8 | compat-openssl10 | Not affected | ||
| Red Hat Enterprise Linux 8 | openssl | Not affected | ||
| Red Hat JBoss Core Services | openssl | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 6 | openssl | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
Server or client applications that call the SSL_check_chain() function ...
EPSS
7.5 High
CVSS3