[USN-6435-1] OpenSSL vulnerabilities
Severity
Medium
Affected Packages
8
CVEs
2
OpenSSL could be made to consume resources and cause long delays if it processed certain input.
It was discovered that OpenSSL incorrectly handled excessively large
Diffie-Hellman parameters. An attacker could possibly use this issue
to cause a denial of service. (CVE-2023-3446)
Bernd Edlinger discovered that OpenSSL incorrectly handled excessively
large Diffie-Hellman parameters. An attacker could possibly use this
issue to cause a denial of service. (CVE-2023-3817)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/openssl?distro=xenial | < 1.0.2g-1ubuntu4.20+esm10 |
pkg:deb/ubuntu/openssl?distro=bionic | < 1.1.1-1ubuntu2.1~18.04.23+esm3 |
pkg:deb/ubuntu/libssl1.1?distro=bionic | < 1.1.1-1ubuntu2.1~18.04.23+esm3 |
pkg:deb/ubuntu/libssl1.0.0?distro=xenial | < 1.0.2g-1ubuntu4.20+esm10 |
pkg:deb/ubuntu/libssl-doc?distro=xenial | < 1.0.2g-1ubuntu4.20+esm10 |
pkg:deb/ubuntu/libssl-doc?distro=bionic | < 1.1.1-1ubuntu2.1~18.04.23+esm3 |
pkg:deb/ubuntu/libssl-dev?distro=xenial | < 1.0.2g-1ubuntu4.20+esm10 |
pkg:deb/ubuntu/libssl-dev?distro=bionic | < 1.1.1-1ubuntu2.1~18.04.23+esm3 |
- ID
- USN-6435-1
- Severity
- medium
- Severity from
- CVE-2023-3446
- URL
- https://ubuntu.com/security/notices/USN-6435-1
- Published
-
2023-10-18T19:51:24
(11 months ago) - Modified
-
2023-10-18T19:51:24
(11 months ago) - Other Advisories
-
- ALAS-2023-1843
- ALAS2-2023-2205
- ALAS2-2023-2226
- ALAS2-2023-2246
- ALAS2-2024-2502
- ALPINE:CVE-2023-3446
- ALPINE:CVE-2023-3817
- ALSA-2023:7877
- ALSA-2024:0888
- ALSA-2024:2264
- ALSA-2024:2447
- ELSA-2023-7877
- ELSA-2024-0888
- ELSA-2024-12056
- ELSA-2024-2264
- ELSA-2024-2447
- FREEBSD:22DF5074-71CD-11EE-85EB-84A93843EB75
- FREEBSD:BAD6588E-2FE0-11EE-A0D1-84A93843EB75
- GLSA-202402-08
- MS:CVE-2023-3817
- RHSA-2023:7877
- RHSA-2024:0888
- RHSA-2024:2264
- RHSA-2024:2447
- RLSA-2024:2264
- SSA:2023-213-01
- SUSE-SU-2023:2961-1
- SUSE-SU-2023:2962-1
- SUSE-SU-2023:2964-1
- SUSE-SU-2023:2965-1
- SUSE-SU-2023:2972-1
- SUSE-SU-2023:2973-1
- SUSE-SU-2023:3011-1
- SUSE-SU-2023:3012-1
- SUSE-SU-2023:3013-1
- SUSE-SU-2023:3093-1
- SUSE-SU-2023:3096-1
- SUSE-SU-2023:3160-1
- SUSE-SU-2023:3179-1
- SUSE-SU-2023:3239-1
- SUSE-SU-2023:3242-1
- SUSE-SU-2023:3243-1
- SUSE-SU-2023:3244-1
- SUSE-SU-2023:3244-2
- SUSE-SU-2023:3291-1
- SUSE-SU-2023:3291-2
- SUSE-SU-2023:3308-1
- SUSE-SU-2023:3338-1
- SUSE-SU-2023:3339-1
- SUSE-SU-2023:3397-1
- SUSE-SU-2023:3958-1
- SUSE-SU-2023:4189-1
- SUSE-SU-2023:4190-1
- USN-6435-2
- USN-6450-1
- USN-6709-1
- USN-7018-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/openssl?distro=xenial | ubuntu | openssl | < 1.0.2g-1ubuntu4.20+esm10 | xenial | ||
Affected | pkg:deb/ubuntu/openssl?distro=bionic | ubuntu | openssl | < 1.1.1-1ubuntu2.1~18.04.23+esm3 | bionic | ||
Affected | pkg:deb/ubuntu/libssl1.1?distro=bionic | ubuntu | libssl1.1 | < 1.1.1-1ubuntu2.1~18.04.23+esm3 | bionic | ||
Affected | pkg:deb/ubuntu/libssl1.0.0?distro=xenial | ubuntu | libssl1.0.0 | < 1.0.2g-1ubuntu4.20+esm10 | xenial | ||
Affected | pkg:deb/ubuntu/libssl-doc?distro=xenial | ubuntu | libssl-doc | < 1.0.2g-1ubuntu4.20+esm10 | xenial | ||
Affected | pkg:deb/ubuntu/libssl-doc?distro=bionic | ubuntu | libssl-doc | < 1.1.1-1ubuntu2.1~18.04.23+esm3 | bionic | ||
Affected | pkg:deb/ubuntu/libssl-dev?distro=xenial | ubuntu | libssl-dev | < 1.0.2g-1ubuntu4.20+esm10 | xenial | ||
Affected | pkg:deb/ubuntu/libssl-dev?distro=bionic | ubuntu | libssl-dev | < 1.1.1-1ubuntu2.1~18.04.23+esm3 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |