[ALPINE:CVE-2023-3817] openssl, openssl3 vulnerability
[From CVE-2023-3817] Issue summary: Checking excessively long DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.

The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p.

An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.

The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().

Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option.

The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.
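
The bound stated above (a valid q can never be larger than p) can be applied as a linear-time pre-screen on untrusted parameters before any expensive check is run. This is an added example, not OpenSSL or Alpine code: `dh_screen_params`, its result codes and the `max_p_bytes` policy limit are hypothetical names, and inputs are assumed to be big-endian magnitudes as decoded from the parameter encoding.

```c
#include <stddef.h>
#include <stdio.h>

enum dh_screen { DH_OK, DH_BAD_P, DH_P_TOO_LARGE, DH_Q_NOT_BELOW_P };

/* Drop leading zero bytes so that byte lengths reflect magnitude. */
static const unsigned char *strip(const unsigned char *b, size_t *len)
{
    while (*len > 0 && *b == 0) { b++; (*len)--; }
    return b;
}

/* Unsigned big-endian compare: <0, 0 or >0; cost is linear in the input. */
static int cmp_be(const unsigned char *a, size_t alen,
                  const unsigned char *b, size_t blen)
{
    if (alen != blen) return alen < blen ? -1 : 1;
    for (size_t i = 0; i < alen; i++)
        if (a[i] != b[i]) return a[i] < b[i] ? -1 : 1;
    return 0;
}

/* Screen untrusted DH parameters given as big-endian magnitudes.
 * max_p_bytes is the caller's own size policy (hypothetical parameter). */
enum dh_screen dh_screen_params(const unsigned char *p, size_t plen,
                                const unsigned char *q, size_t qlen,
                                size_t max_p_bytes)
{
    if (p == NULL) return DH_BAD_P;
    p = strip(p, &plen);
    if (plen == 0) return DH_BAD_P;                 /* p is zero or empty */
    if (plen > max_p_bytes) return DH_P_TOO_LARGE;  /* oversized modulus  */
    if (q != NULL) {                                /* q is optional      */
        q = strip(q, &qlen);
        /* q divides p-1 when valid, so anything not below p is rejected. */
        if (cmp_be(q, qlen, p, plen) >= 0) return DH_Q_NOT_BELOW_P;
    }
    return DH_OK;
}

int main(void)
{
    /* Constructed toy values: p = 23, q = 11, and an oversized q = 256. */
    static const unsigned char p[] = {0x17}, q[] = {0x0b}, big_q[] = {0x01, 0x00};
    printf("valid q:    %d\n", dh_screen_params(p, sizeof p, q, sizeof q, 1024));
    printf("q above p:  %d\n", dh_screen_params(p, sizeof p, big_q, sizeof big_q, 1024));
    printf("p too long: %d\n", dh_screen_params(big_q, sizeof big_q, NULL, 0, 1));
    return 0;
}
```

A screen like this complements upgrading to a fixed package from the table below; it does not replace the full parameter check.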

- ID: ALPINE:CVE-2023-3817
- Severity: medium
- Severity from: CVE-2023-3817
- URL: https://security.alpinelinux.org/vuln/CVE-2023-3817
- Published: 2023-07-31T16:15:10 (13 months ago)
- Modified: 2023-07-31T16:15:10 (13 months ago)
- Rights: Alpine Linux Security Team

Other Advisories:
- ALAS-2023-1843
- ALAS2-2023-2205
- ALAS2-2023-2226
- ALAS2-2023-2246
- ALAS2-2024-2502
- ALSA-2023:7877
- ALSA-2024:2447
- ELSA-2023-7877
- ELSA-2024-12056
- ELSA-2024-2447
- FREEBSD:22DF5074-71CD-11EE-85EB-84A93843EB75
- FREEBSD:BAD6588E-2FE0-11EE-A0D1-84A93843EB75
- GLSA-202402-08
- MS:CVE-2023-3817
- RHSA-2023:7877
- RHSA-2024:2447
- SSA:2023-213-01
- SUSE-SU-2023:3239-1
- SUSE-SU-2023:3242-1
- SUSE-SU-2023:3243-1
- SUSE-SU-2023:3244-1
- SUSE-SU-2023:3244-2
- SUSE-SU-2023:3291-1
- SUSE-SU-2023:3291-2
- SUSE-SU-2023:3308-1
- SUSE-SU-2023:3338-1
- SUSE-SU-2023:3339-1
- SUSE-SU-2023:3397-1
- SUSE-SU-2023:3958-1
- SUSE-SU-2023:4189-1
- SUSE-SU-2023:4190-1
- USN-6435-1
- USN-6435-2
- USN-6450-1
- USN-6709-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Fixed | pkg:apk/alpine/openssl?arch=x86_64&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | x86_64 | |
Fixed | pkg:apk/alpine/openssl?arch=x86_64&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | x86_64 | |
Fixed | pkg:apk/alpine/openssl?arch=x86_64&distro=alpine-3.19 | alpine | openssl | = 3.1.2-r0 | alpine-3.19 | x86_64 | |
Fixed | pkg:apk/alpine/openssl?arch=x86_64&distro=alpine-3.18 | alpine | openssl | = 3.1.2-r0 | alpine-3.18 | x86_64 | |
Fixed | pkg:apk/alpine/openssl?arch=x86_64&distro=alpine-3.17 | alpine | openssl | = 3.0.10-r0 | alpine-3.17 | x86_64 | |
Fixed | pkg:apk/alpine/openssl?arch=x86_64&distro=alpine-3.16 | alpine | openssl | = 1.1.1v-r0 | alpine-3.16 | x86_64 | |
Fixed | pkg:apk/alpine/openssl?arch=x86_64&distro=alpine-3.15 | alpine | openssl | = 1.1.1v-r0 | alpine-3.15 | x86_64 | |
Fixed | pkg:apk/alpine/openssl?arch=x86&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | x86 | |
Fixed | pkg:apk/alpine/openssl?arch=x86&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | x86 | |
Fixed | pkg:apk/alpine/openssl?arch=x86&distro=alpine-3.19 | alpine | openssl | = 3.1.2-r0 | alpine-3.19 | x86 | |
Fixed | pkg:apk/alpine/openssl?arch=x86&distro=alpine-3.18 | alpine | openssl | = 3.1.2-r0 | alpine-3.18 | x86 | |
Fixed | pkg:apk/alpine/openssl?arch=x86&distro=alpine-3.17 | alpine | openssl | = 3.0.10-r0 | alpine-3.17 | x86 | |
Fixed | pkg:apk/alpine/openssl?arch=x86&distro=alpine-3.16 | alpine | openssl | = 1.1.1v-r0 | alpine-3.16 | x86 | |
Fixed | pkg:apk/alpine/openssl?arch=x86&distro=alpine-3.15 | alpine | openssl | = 1.1.1v-r0 | alpine-3.15 | x86 | |
Fixed | pkg:apk/alpine/openssl?arch=s390x&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | s390x | |
Fixed | pkg:apk/alpine/openssl?arch=s390x&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | s390x | |
Fixed | pkg:apk/alpine/openssl?arch=s390x&distro=alpine-3.19 | alpine | openssl | = 3.1.2-r0 | alpine-3.19 | s390x | |
Fixed | pkg:apk/alpine/openssl?arch=s390x&distro=alpine-3.18 | alpine | openssl | = 3.1.2-r0 | alpine-3.18 | s390x | |
Fixed | pkg:apk/alpine/openssl?arch=s390x&distro=alpine-3.17 | alpine | openssl | = 3.0.10-r0 | alpine-3.17 | s390x | |
Fixed | pkg:apk/alpine/openssl?arch=s390x&distro=alpine-3.16 | alpine | openssl | = 1.1.1v-r0 | alpine-3.16 | s390x | |
Fixed | pkg:apk/alpine/openssl?arch=s390x&distro=alpine-3.15 | alpine | openssl | = 1.1.1v-r0 | alpine-3.15 | s390x | |
Fixed | pkg:apk/alpine/openssl?arch=riscv64&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | riscv64 | |
Fixed | pkg:apk/alpine/openssl?arch=riscv64&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | riscv64 | |
Fixed | pkg:apk/alpine/openssl?arch=ppc64le&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | ppc64le | |
Fixed | pkg:apk/alpine/openssl?arch=ppc64le&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | ppc64le | |
Fixed | pkg:apk/alpine/openssl?arch=ppc64le&distro=alpine-3.19 | alpine | openssl | = 3.1.2-r0 | alpine-3.19 | ppc64le | |
Fixed | pkg:apk/alpine/openssl?arch=ppc64le&distro=alpine-3.18 | alpine | openssl | = 3.1.2-r0 | alpine-3.18 | ppc64le | |
Fixed | pkg:apk/alpine/openssl?arch=ppc64le&distro=alpine-3.17 | alpine | openssl | = 3.0.10-r0 | alpine-3.17 | ppc64le | |
Fixed | pkg:apk/alpine/openssl?arch=ppc64le&distro=alpine-3.16 | alpine | openssl | = 1.1.1v-r0 | alpine-3.16 | ppc64le | |
Fixed | pkg:apk/alpine/openssl?arch=ppc64le&distro=alpine-3.15 | alpine | openssl | = 1.1.1v-r0 | alpine-3.15 | ppc64le | |
Fixed | pkg:apk/alpine/openssl?arch=armv7&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | armv7 | |
Fixed | pkg:apk/alpine/openssl?arch=armv7&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | armv7 | |
Fixed | pkg:apk/alpine/openssl?arch=armv7&distro=alpine-3.19 | alpine | openssl | = 3.1.2-r0 | alpine-3.19 | armv7 | |
Fixed | pkg:apk/alpine/openssl?arch=armv7&distro=alpine-3.18 | alpine | openssl | = 3.1.2-r0 | alpine-3.18 | armv7 | |
Fixed | pkg:apk/alpine/openssl?arch=armv7&distro=alpine-3.17 | alpine | openssl | = 3.0.10-r0 | alpine-3.17 | armv7 | |
Fixed | pkg:apk/alpine/openssl?arch=armv7&distro=alpine-3.16 | alpine | openssl | = 1.1.1v-r0 | alpine-3.16 | armv7 | |
Fixed | pkg:apk/alpine/openssl?arch=armv7&distro=alpine-3.15 | alpine | openssl | = 1.1.1v-r0 | alpine-3.15 | armv7 | |
Fixed | pkg:apk/alpine/openssl?arch=armhf&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | armhf | |
Fixed | pkg:apk/alpine/openssl?arch=armhf&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | armhf | |
Fixed | pkg:apk/alpine/openssl?arch=armhf&distro=alpine-3.19 | alpine | openssl | = 3.1.2-r0 | alpine-3.19 | armhf | |
Fixed | pkg:apk/alpine/openssl?arch=armhf&distro=alpine-3.18 | alpine | openssl | = 3.1.2-r0 | alpine-3.18 | armhf | |
Fixed | pkg:apk/alpine/openssl?arch=armhf&distro=alpine-3.17 | alpine | openssl | = 3.0.10-r0 | alpine-3.17 | armhf | |
Fixed | pkg:apk/alpine/openssl?arch=armhf&distro=alpine-3.16 | alpine | openssl | = 1.1.1v-r0 | alpine-3.16 | armhf | |
Fixed | pkg:apk/alpine/openssl?arch=armhf&distro=alpine-3.15 | alpine | openssl | = 1.1.1v-r0 | alpine-3.15 | armhf | |
Fixed | pkg:apk/alpine/openssl?arch=aarch64&distro=alpine-edge | alpine | openssl | = 3.1.2-r0 | alpine-edge | aarch64 | |
Fixed | pkg:apk/alpine/openssl?arch=aarch64&distro=alpine-3.20 | alpine | openssl | = 3.1.2-r0 | alpine-3.20 | aarch64 | |
Fixed | pkg:apk/alpine/openssl?arch=aarch64&distro=alpine-3.19 | alpine | openssl | = 3.1.2-r0 | alpine-3.19 | aarch64 | |
Fixed | pkg:apk/alpine/openssl?arch=aarch64&distro=alpine-3.18 | alpine | openssl | = 3.1.2-r0 | alpine-3.18 | aarch64 | |
Fixed | pkg:apk/alpine/openssl?arch=aarch64&distro=alpine-3.17 | alpine | openssl | = 3.0.10-r0 | alpine-3.17 | aarch64 | |
Fixed | pkg:apk/alpine/openssl?arch=aarch64&distro=alpine-3.16 | alpine | openssl | = 1.1.1v-r0 | alpine-3.16 | aarch64 | |
Fixed | pkg:apk/alpine/openssl?arch=aarch64&distro=alpine-3.15 | alpine | openssl | = 1.1.1v-r0 | alpine-3.15 | aarch64 | |
Fixed | pkg:apk/alpine/openssl3?arch=x86_64&distro=alpine-3.16 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.16 | x86_64 | |
Fixed | pkg:apk/alpine/openssl3?arch=x86_64&distro=alpine-3.15 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.15 | x86_64 | |
Fixed | pkg:apk/alpine/openssl3?arch=x86&distro=alpine-3.16 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.16 | x86 | |
Fixed | pkg:apk/alpine/openssl3?arch=x86&distro=alpine-3.15 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.15 | x86 | |
Fixed | pkg:apk/alpine/openssl3?arch=s390x&distro=alpine-3.16 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.16 | s390x | |
Fixed | pkg:apk/alpine/openssl3?arch=s390x&distro=alpine-3.15 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.15 | s390x | |
Fixed | pkg:apk/alpine/openssl3?arch=ppc64le&distro=alpine-3.16 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.16 | ppc64le | |
Fixed | pkg:apk/alpine/openssl3?arch=ppc64le&distro=alpine-3.15 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.15 | ppc64le | |
Fixed | pkg:apk/alpine/openssl3?arch=armv7&distro=alpine-3.16 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.16 | armv7 | |
Fixed | pkg:apk/alpine/openssl3?arch=armv7&distro=alpine-3.15 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.15 | armv7 | |
Fixed | pkg:apk/alpine/openssl3?arch=armhf&distro=alpine-3.16 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.16 | armhf | |
Fixed | pkg:apk/alpine/openssl3?arch=armhf&distro=alpine-3.15 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.15 | armhf | |
Fixed | pkg:apk/alpine/openssl3?arch=aarch64&distro=alpine-3.16 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.16 | aarch64 | |
Fixed | pkg:apk/alpine/openssl3?arch=aarch64&distro=alpine-3.15 | alpine | openssl3 | = 3.0.11-r0 | alpine-3.15 | aarch64 |