CVE-2023-28625: Null Pointer Dereference
First published: Mon Apr 03 2023(Updated: )
mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk. Version 2.4.13.2 contains a patch for this issue. As a workaround, avoid using `OIDCStripCookies`.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openidc Mod Auth Openidc | >=2.0.0<2.4.13.2 | |
| debian/libapache2-mod-auth-openidc | <=2.3.10.2-1+deb10u1 | 2.3.10.2-1+deb10u3 2.4.9.4-0+deb11u3 2.4.12.3-2 2.4.14.2-1 |
| debian/libapache2-mod-auth-openidc | <=2.3.10.2-1+deb10u1<=2.4.9.4-0+deb11u2<=2.4.12.3-1 | 2.3.10.2-1+deb10u2 2.4.12.3-2 2.4.9.4-0+deb11u3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/OpenIDC/mod_auth_openidc/blame/3f11976dab56af0a46a7dddb7a275cc16d6eb726/src/mod_auth_openidc.c#L178-L179
- https://github.com/OpenIDC/mod_auth_openidc/commit/c0e1edac3c4c19988ccdc7713d7aebfce6ff916a
- https://github.com/OpenIDC/mod_auth_openidc/releases/tag/v2.4.13.2
- https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr
- https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIBKFC22PDH6UXMSZ23PHTD7736ZC7BB/
- https://www.debian.org/security/2023/dsa-5405
- https://github.com/OpenIDC/mod_auth_openidc/commit/4389182239c0f60cfa4873f9980c826a70047cc4
- https://security-tracker.debian.org/tracker/CVE-2023-28625
- https://www.cve.org/CVERecord?id=CVE-2023-28625
- https://salsa.debian.org/debian/libapache2-mod-auth-openidc/-/commit/e8e39846999aad3daade94531ec02859a950e02c
- https://bugs.debian.org/1033916
- https://salsa.debian.org/debian/libapache2-mod-auth-openidc/-/compare/769c3920203e7c64f6ff9456ee6858ac0cb034f0...a8e821213ac28ca0909ca4f1bf512de5e35f90fa
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033916
Frequently Asked Questions
What is CVE-2023-28625?
CVE-2023-28625 is a vulnerability in mod_auth_openidc, an authentication and authorization module for the Apache 2.x HTTP server.
What is mod_auth_openidc?
mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality.
What is the severity of CVE-2023-28625?
The severity of CVE-2023-28625 is high, with a CVSS score of 7.5.
How does CVE-2023-28625 affect mod_auth_openidc?
CVE-2023-28625 affects mod_auth_openidc versions 2.0.0 through 2.4.13.1.
How can CVE-2023-28625 be fixed?
The vulnerability can be fixed by upgrading mod_auth_openidc to version 2.4.13.2 or later.
- collector/nvd-index
- collector/security-tracker-debian
- collector/debian-bugs
- alias/CVE-2023-28625
- vendor/openidc
- canonical/openidc mod auth openidc
- version/openidc mod auth openidc/2.0.0
- package-manager/debian