medium
5.3
CWE
834
EPSS
0.130%
Advisory Published
CVE Published
Updated

CVE-2023-3817: Excessive time spent checking DH q parameter value

First published: Mon Jul 31 2023(Updated: )

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenSSL Security Advisory [31st July 2023] ========================================== Excessive time spent checking DH q parameter value (<a href="https://access.redhat.com/security/cve/CVE-2023-3817">CVE-2023-3817</a>) ================================================================== Severity: Low Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing <a href="https://access.redhat.com/security/cve/CVE-2023-3446">CVE-2023-3446</a> it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue. OpenSSL 3.1, 3.0, 1.1.1 and 1.0.2 are vulnerable to this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available. The fix is also available in commit 6a1eb62c2 (for 3.1), commit 9002fd073 (for 3.0) and commit 91ddeba0f (for 1.1.1) in the OpenSSL git repository. It is available to premium support customer in commit 869ad69a (for 1.0.2). This issue was reported on 20th July 2023 by Bernd Edlinger. The fix was developed by Tomas Mraz. General Advisory Notes ====================== URL for this Security Advisory: <a href="https://www.openssl.org/news/secadv/20230731.txt">https://www.openssl.org/news/secadv/20230731.txt</a> Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: <a href="https://www.openssl.org/policies/secpolicy.html">https://www.openssl.org/policies/secpolicy.html</a> OpenSSL 1.1.1 will reach end-of-life on 2023-09-11. After that date security fixes for 1.1.1 will only be available to premium support customers. -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmTH1M4ACgkQ2cTSbQ5g RJGhtAf9E3HklBKezKOXvAbsPmCqcjySMVTV/JrBjrDn14UIRjZmhVoHd5QGusN2 ReRtA3bRL41UQYdLKDkdYjp9XmlDDFb5hKO3G7P0ldtDaw21TkIQeI/90OKjgsQu A+vpf/TcE1a1Pbz8cIRKYBjIaS3z9yIDW4eB0gytWxsqMxze+9IOYNuAbDa0KsqO PFTUiHr5xu01wsdVdHeUMpZ01E8tGbVwgyY7tvCUAUJcjjLcTb9+gXQLn6cmVRJt 6kU8jsamkiYpL1MoKI5yQvYx0nXZUxXbH1ICPltytC4pBsMEypCCnJTkcJKhRRNt 76Z4/x3XDqMzapYMPimIRifdzPV9FQ== =Ve/V -----END PGP SIGNATURE-----

Credit: openssl-security@openssl.org openssl-security@openssl.org openssl-security@openssl.org

Affected SoftwareAffected VersionHow to fix
OpenSSL OpenSSL>=3.0.0<3.0.10
OpenSSL OpenSSL>=3.1.0<3.1.2
OpenSSL OpenSSL=1.0.2
OpenSSL OpenSSL=1.0.2-beta1
OpenSSL OpenSSL=1.0.2-beta2
OpenSSL OpenSSL=1.0.2-beta3
OpenSSL OpenSSL=1.0.2a
OpenSSL OpenSSL=1.0.2b
OpenSSL OpenSSL=1.0.2c
OpenSSL OpenSSL=1.0.2d
OpenSSL OpenSSL=1.0.2e
OpenSSL OpenSSL=1.0.2f
OpenSSL OpenSSL=1.0.2g
OpenSSL OpenSSL=1.0.2h
OpenSSL OpenSSL=1.0.2i
OpenSSL OpenSSL=1.0.2j
OpenSSL OpenSSL=1.0.2k
OpenSSL OpenSSL=1.0.2l
OpenSSL OpenSSL=1.0.2m
OpenSSL OpenSSL=1.0.2n
OpenSSL OpenSSL=1.0.2o
OpenSSL OpenSSL=1.0.2p
OpenSSL OpenSSL=1.0.2q
OpenSSL OpenSSL=1.0.2r
OpenSSL OpenSSL=1.0.2s
OpenSSL OpenSSL=1.0.2t
OpenSSL OpenSSL=1.0.2u
OpenSSL OpenSSL=1.0.2v
OpenSSL OpenSSL=1.0.2w
OpenSSL OpenSSL=1.0.2x
OpenSSL OpenSSL=1.0.2y
OpenSSL OpenSSL=1.0.2za
OpenSSL OpenSSL=1.0.2zb
OpenSSL OpenSSL=1.0.2zc
OpenSSL OpenSSL=1.0.2zd
OpenSSL OpenSSL=1.0.2ze
OpenSSL OpenSSL=1.0.2zf
OpenSSL OpenSSL=1.0.2zg
OpenSSL OpenSSL=1.0.2zh
OpenSSL OpenSSL=1.1.1
OpenSSL OpenSSL=1.1.1-pre1
OpenSSL OpenSSL=1.1.1-pre2
OpenSSL OpenSSL=1.1.1-pre3
OpenSSL OpenSSL=1.1.1-pre4
OpenSSL OpenSSL=1.1.1-pre5
OpenSSL OpenSSL=1.1.1-pre6
OpenSSL OpenSSL=1.1.1-pre7
OpenSSL OpenSSL=1.1.1-pre8
OpenSSL OpenSSL=1.1.1-pre9
OpenSSL OpenSSL=1.1.1a
OpenSSL OpenSSL=1.1.1b
OpenSSL OpenSSL=1.1.1c
OpenSSL OpenSSL=1.1.1d
OpenSSL OpenSSL=1.1.1e
OpenSSL OpenSSL=1.1.1f
OpenSSL OpenSSL=1.1.1g
OpenSSL OpenSSL=1.1.1h
OpenSSL OpenSSL=1.1.1i
OpenSSL OpenSSL=1.1.1j
OpenSSL OpenSSL=1.1.1k
OpenSSL OpenSSL=1.1.1l
OpenSSL OpenSSL=1.1.1m
OpenSSL OpenSSL=1.1.1n
OpenSSL OpenSSL=1.1.1o
OpenSSL OpenSSL=1.1.1p
OpenSSL OpenSSL=1.1.1q
OpenSSL OpenSSL=1.1.1r
OpenSSL OpenSSL=1.1.1s
OpenSSL OpenSSL=1.1.1t
OpenSSL OpenSSL=1.1.1u
IBM Cognos Analytics<=12.0.0-12.0.1
IBM Cognos Analytics<=11.2.0-11.2.4 FP2
IBM Cognos Analytics<=11.1.1-11.1.7 FP7
ubuntu/openssl<1.1.1-1ubuntu2.1~18.04.23+
1.1.1-1ubuntu2.1~18.04.23+
ubuntu/openssl<1.1.1
1.1.1
ubuntu/openssl<3.0.2-0ubuntu1.12
3.0.2-0ubuntu1.12
ubuntu/openssl<3.0.8-1ubuntu1.4
3.0.8-1ubuntu1.4
ubuntu/openssl<3.0.10
3.0.10
ubuntu/openssl<1.0.2
1.0.2
ubuntu/openssl1.0<1.0.2
1.0.2
debian/openssl<=1.1.1n-0+deb10u3<=1.1.1n-0+deb11u5
1.1.1n-0+deb10u6
1.1.1w-0+deb11u1
3.0.11-1~deb12u2
3.2.1-3

Remedy

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5

Remedy

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f

Remedy

https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203