1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-6188-1

[USN-6188-1] OpenSSL vulnerability

Severity Medium
Affected Packages 8
CVEs 1
Info Packages Vulnerabilities

OpenSSL could be made to consume resources and cause long delays if it processed certain input.

Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1
object identifiers. A remote attacker could possibly use this issue to
cause OpenSSL to consume resources, resulting in a denial of service.

Package Affected Version
pkg:deb/ubuntu/openssl?distro=xenial < 1.0.2g-1ubuntu4.20+esm9
pkg:deb/ubuntu/openssl?distro=trusty < 1.0.1f-1ubuntu2.27+esm9
pkg:deb/ubuntu/libssl1.0.0?distro=xenial < 1.0.2g-1ubuntu4.20+esm9
pkg:deb/ubuntu/libssl1.0.0?distro=trusty < 1.0.1f-1ubuntu2.27+esm9
pkg:deb/ubuntu/libssl-doc?distro=xenial < 1.0.2g-1ubuntu4.20+esm9
pkg:deb/ubuntu/libssl-doc?distro=trusty < 1.0.1f-1ubuntu2.27+esm9
pkg:deb/ubuntu/libssl-dev?distro=xenial < 1.0.2g-1ubuntu4.20+esm9
pkg:deb/ubuntu/libssl-dev?distro=trusty < 1.0.1f-1ubuntu2.27+esm9
ID
USN-6188-1
Severity
medium
Severity from
CVE-2023-2650
URL
https://ubuntu.com/security/notices/USN-6188-1
Published
2023-06-22T14:53:11
(15 months ago)
Modified
2023-06-22T14:53:11
(15 months ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/openssl?distro=xenial ubuntu openssl < 1.0.2g-1ubuntu4.20+esm9 xenial
Affected pkg:deb/ubuntu/openssl?distro=trusty ubuntu openssl < 1.0.1f-1ubuntu2.27+esm9 trusty
Affected pkg:deb/ubuntu/libssl1.0.0?distro=xenial ubuntu libssl1.0.0 < 1.0.2g-1ubuntu4.20+esm9 xenial
Affected pkg:deb/ubuntu/libssl1.0.0?distro=trusty ubuntu libssl1.0.0 < 1.0.1f-1ubuntu2.27+esm9 trusty
Affected pkg:deb/ubuntu/libssl-doc?distro=xenial ubuntu libssl-doc < 1.0.2g-1ubuntu4.20+esm9 xenial
Affected pkg:deb/ubuntu/libssl-doc?distro=trusty ubuntu libssl-doc < 1.0.1f-1ubuntu2.27+esm9 trusty
Affected pkg:deb/ubuntu/libssl-dev?distro=xenial ubuntu libssl-dev < 1.0.2g-1ubuntu4.20+esm9 xenial
Affected pkg:deb/ubuntu/libssl-dev?distro=trusty ubuntu libssl-dev < 1.0.1f-1ubuntu2.27+esm9 trusty
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date