critical
9.8
CWE
120 787 119
Advisory Published
CVE Published
Updated

CVE-2022-3602: Buffer Overflow

First published: Tue Nov 01 2022(Updated: )

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.

Credit: openssl-security@openssl.org openssl-security@openssl.org

Affected SoftwareAffected VersionHow to fix
rust/openssl-src>=300.0.0<300.0.11
300.0.11
OpenSSL OpenSSL>=3.0.0<3.0.7
Fedoraproject Fedora=36
Fedoraproject Fedora=37
NetApp Clustered Data ONTAP
Fedoraproject Fedora=26
Fedoraproject Fedora=27
Nodejs Node.js>=18.0.0<18.11.0
Nodejs Node.js=18.12.0
Nodejs Node.js=19.0.0
IBM Cloud Pak for Business Automation<=V22.0.2 - V22.0.2-IF001
IBM Cloud Pak for Business Automation<=V21.0.3 - V21.0.3-IF017
IBM Cloud Pak for Business Automation<=V22.0.1 - V22.0.1-IF006 and later fixes V21.0.2 - V21.0.2-IF012 and later fixesV21.0.1 - V21.0.1-IF007 and later fixesV20.0.1 - V20.0.3 and later fixesV19.0.1 - V19.0.3 and later fixesV18.0.0 - V18.0.2 and later fixes

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

  • What is the severity of CVE-2022-3602?

    The severity of CVE-2022-3602 is critical with a CVSS score of 9.8.

  • Which software is affected by CVE-2022-3602?

    CVE-2022-3602 affects the rust/openssl-src package with versions between 300.0.0 and 300.0.11.

  • How can CVE-2022-3602 be exploited?

    CVE-2022-3602 can be exploited by triggering a buffer overrun in X.509 certificate verification during name constraint checking.

  • What is the Common Weakness Enumeration (CWE) ID for CVE-2022-3602?

    CVE-2022-3602 has a Common Weakness Enumeration (CWE) ID of 119, 120, and 787.

  • Where can I find more information about CVE-2022-3602?

    More information about CVE-2022-3602 can be found in the following references: [GitHub Advisory](https://github.com/rustsec/advisory-db/pull/1452), [Commit on GitHub](https://github.com/alexcrichton/openssl-src-rs/commit/4a31c14f31e1a08c18893a37e304dd1dd4b7daa3), [RustSec Advisory](https://rustsec.org/advisories/RUSTSEC-2022-0064.html).

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203