OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

[#if smallImage??]
    [#if smallImage?is_hash]
        [#if smallImage.alt??]

The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution.


The issues, tracked as CVE-2022-3602 and CVE-2022-3786, have been described as buffer overrun vulnerabilities that can be triggered during X.509 certificate verification by supplying a specially-crafted email address.


In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.


OpenSSL is an open source implementation of the SSL and TLS protocols used for secure communication and is baked into several operating systems and a wide range of software.


Versions 3.0.0 through 3.0.6 of the library are affected by the new flaws, which has been remediated in version 3.0.7. It's worth noting that the commonly deployed OpenSSL 1.x versions are not vulnerable.


Per data shared by Censys, about 7,062 hosts are said to run a susceptible version of OpenSSL as of October 30, 2022, with a majority of those located in the U.S., Germany, Japan, China, Czechia, the U.K., France, Russia, Canada, and the Netherlands.


While CVE-2022-3602 was initially treated as a Critical vulnerability, its severity has since been downgraded to High, citing stack overflow protections in modern platforms. Security researchers Polar Bear and Viktor Dukhovni have been credited with reporting CVE-2022-3602 and CVE-2022-3786 on October 17 and 18, 2022.


The OpenSSL Project further noted the bugs were introduced in OpenSSL 3.0.0 as part of punycode decoding functionality that's currently used for processing email address name constraints in X.509 certificates.


Despite the change in severity, these issues to be serious vulnerabilities and affected users are encouraged to upgrade as soon as possible.


Specifically, implementations that are configured for mutual authentication, where both the client and the server are providing OpenSSL-provided certificates for authentication, should definitely be fast-tracking this update.


The vulnerability requires a malformed certificate that is trusted or signed by a naming authority. That means that authorities should be able to quickly prevent certificates designed to target this vulnerability from being created, further limiting the scope.


Version 3.0, the current release of OpenSSL, is bundled with Linux operating system flavors such as CentOS, Fedora, Kali, Linux Mint, openSUSE Leap, and Ubuntu. Apple's macOS, on the other hand, uses LibreSSL. Container images built using affected versions of Linux are also impacted.


The new OpenSSL vulnerability does not affect the issuance or use of certificates. No organization needs to revoke or reissue certificates based on this vulnerability.
The last critical flaw addressed by OpenSSL was in September 2016, when it closed out CVE-2016-6309, a use-after-free bug that could result in a crash or execution of arbitrary code.


There are close to 240,000 publicly accessible servers worldwide running versions of OpenSSL that are still vulnerable to Heartbleed eight years after its initial discovery.
The OpenSSL software toolkit was most notably impacted by Heartbleed (CVE-2014-0160), a serious memory handling issue in the implementation of the TLS/DTLS heartbeat extension, enabling attackers to read portions of a target server's memory.


A critical vulnerability in a software library like OpenSSL, which is so widely in use and so fundamental to the security of data on the internet, is one that no organization can afford to overlook.


OpenSSL has warned that the vulnerability may be critical for systems that do not have adequate protections in place, theoretically leading to remote code execution on some architectures and platforms.


The chance of this vulnerability getting exploited in the wild is low due to the sophistication of this security bug, and the fact that one of the conditions is a malicious.