CVE-2022-3786: Buffer Overflow
First published: Tue Nov 01 2022(Updated: )
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Credit: openssl-security@openssl.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenSSL OpenSSL | >=3.0.0<3.0.7 | |
| Fedoraproject Fedora | =36 | |
| Fedoraproject Fedora | =37 | |
| Nodejs Node.js | >=18.0.0<18.11.0 | |
| Nodejs Node.js | =18.12.0 | |
| Nodejs Node.js | =19.0.0 | |
| IBM Cloud Pak for Business Automation | <=V22.0.2 - V22.0.2-IF001 | |
| IBM Cloud Pak for Business Automation | <=V21.0.3 - V21.0.3-IF017 | |
| IBM Cloud Pak for Business Automation | <=V22.0.1 - V22.0.1-IF006 and later fixes V21.0.2 - V21.0.2-IF012 and later fixesV21.0.1 - V21.0.1-IF007 and later fixesV20.0.1 - V20.0.3 and later fixesV19.0.1 - V19.0.3 and later fixesV18.0.0 - V18.0.2 and later fixes |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2022-3786.
What is the severity of CVE-2022-3786?
The severity of CVE-2022-3786 is high with a score of 7.5.
How does this vulnerability affect IBM Security Verify Privilege On-Premises?
IBM Security Verify Privilege On-Premises is affected by this vulnerability.
How can a remote attacker exploit this vulnerability?
A remote attacker can exploit this vulnerability by using a specially-crafted email address in a certificate.
What is the recommended action to mitigate this vulnerability?
Apply the necessary security patch or update provided by IBM to fix this vulnerability.
- collector/nvd-index
- agent/references
- agent/author
- agent/event
- agent/type
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/weakness
- agent/severity
- collector/ibm-support
- agent/software-canonical-lookup-request
- vendor/openssl
- canonical/openssl openssl
- version/openssl openssl/3.0.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/36
- version/fedoraproject fedora/37
- vendor/nodejs
- canonical/nodejs node.js
- version/nodejs node.js/18.0.0
- version/nodejs node.js/18.12.0
- version/nodejs node.js/19.0.0
- vendor/ibm
- canonical/ibm cloud pak for business automation
- version/ibm cloud pak for business automation/v22.0.2 - v22.0.2-if001
- version/ibm cloud pak for business automation/v21.0.3 - v21.0.3-if017
- version/ibm cloud pak for business automation/v22.0.1 - v22.0.1-if006 and later fixes v21.0.2 - v21.0.2-if012 and later fixesv21.0.1 - v21.0.1-if007 and later fixesv20.0.1 - v20.0.3 and later fixesv19.0.1 - v19.0.3 and later fixesv18.0.0 - v18.0.2 and later fixes