csaf_suse - suse-su-2022:3843-1

suse-su-2022:3843-1

Vulnerability from csaf_suse

Published

2022-11-01 16:40

Modified

2022-11-01 16:40

Summary

Security update for openssl-3

Notes

Title of the patch

Security update for openssl-3

Description of the patch

This update for openssl-3 fixes the following issues: - CVE-2022-3358: Fixed vulnerability where a custom cipher passed to EVP_CipherInit() could lead into NULL encryption being unexpectedly used (bsc#1204226). - CVE-2022-3602: Fixed a buffer overflow in the X.509 email address. (bsc#1204714) - CVE-2022-3786: Fixed another buffer overflow related to X.509 email address. (bsc#1204714)

Patchnames

SUSE-2022-3843,SUSE-SLE-Module-Basesystem-15-SP4-2022-3843,openSUSE-SLE-15.4-2022-3843

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "critical"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for openssl-3",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for openssl-3 fixes the following issues:\n\n- CVE-2022-3358: Fixed vulnerability where a custom cipher passed to EVP_CipherInit() could lead into NULL encryption being unexpectedly used (bsc#1204226).\n- CVE-2022-3602: Fixed a buffer overflow in the X.509 email address. (bsc#1204714)\n- CVE-2022-3786: Fixed another buffer overflow related to X.509 email address. (bsc#1204714)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2022-3843,SUSE-SLE-Module-Basesystem-15-SP4-2022-3843,openSUSE-SLE-15.4-2022-3843",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3843-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2022:3843-1",
        "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223843-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2022:3843-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-November/012796.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1204226",
        "url": "https://bugzilla.suse.com/1204226"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1204714",
        "url": "https://bugzilla.suse.com/1204714"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3358 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3358/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3602 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-3786 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-3786/"
      }
    ],
    "title": "Security update for openssl-3",
    "tracking": {
      "current_release_date": "2022-11-01T16:40:22Z",
      "generator": {
        "date": "2022-11-01T16:40:22Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2022:3843-1",
      "initial_release_date": "2022-11-01T16:40:22Z",
      "revision_history": [
        {
          "date": "2022-11-01T16:40:22Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
                "product": {
                  "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
                  "product_id": "libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.0.1-150400.4.11.1.aarch64",
                "product": {
                  "name": "libopenssl3-3.0.1-150400.4.11.1.aarch64",
                  "product_id": "libopenssl3-3.0.1-150400.4.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.0.1-150400.4.11.1.aarch64",
                "product": {
                  "name": "openssl-3-3.0.1-150400.4.11.1.aarch64",
                  "product_id": "openssl-3-3.0.1-150400.4.11.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-64bit-3.0.1-150400.4.11.1.aarch64_ilp32",
                "product": {
                  "name": "libopenssl-3-devel-64bit-3.0.1-150400.4.11.1.aarch64_ilp32",
                  "product_id": "libopenssl-3-devel-64bit-3.0.1-150400.4.11.1.aarch64_ilp32"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-64bit-3.0.1-150400.4.11.1.aarch64_ilp32",
                "product": {
                  "name": "libopenssl3-64bit-3.0.1-150400.4.11.1.aarch64_ilp32",
                  "product_id": "libopenssl3-64bit-3.0.1-150400.4.11.1.aarch64_ilp32"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64_ilp32"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.i586",
                "product": {
                  "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.i586",
                  "product_id": "libopenssl-3-devel-3.0.1-150400.4.11.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.0.1-150400.4.11.1.i586",
                "product": {
                  "name": "libopenssl3-3.0.1-150400.4.11.1.i586",
                  "product_id": "libopenssl3-3.0.1-150400.4.11.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.0.1-150400.4.11.1.i586",
                "product": {
                  "name": "openssl-3-3.0.1-150400.4.11.1.i586",
                  "product_id": "openssl-3-3.0.1-150400.4.11.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openssl-3-doc-3.0.1-150400.4.11.1.noarch",
                "product": {
                  "name": "openssl-3-doc-3.0.1-150400.4.11.1.noarch",
                  "product_id": "openssl-3-doc-3.0.1-150400.4.11.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
                "product": {
                  "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
                  "product_id": "libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.0.1-150400.4.11.1.ppc64le",
                "product": {
                  "name": "libopenssl3-3.0.1-150400.4.11.1.ppc64le",
                  "product_id": "libopenssl3-3.0.1-150400.4.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.0.1-150400.4.11.1.ppc64le",
                "product": {
                  "name": "openssl-3-3.0.1-150400.4.11.1.ppc64le",
                  "product_id": "openssl-3-3.0.1-150400.4.11.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
                "product": {
                  "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
                  "product_id": "libopenssl-3-devel-3.0.1-150400.4.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.0.1-150400.4.11.1.s390x",
                "product": {
                  "name": "libopenssl3-3.0.1-150400.4.11.1.s390x",
                  "product_id": "libopenssl3-3.0.1-150400.4.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.0.1-150400.4.11.1.s390x",
                "product": {
                  "name": "openssl-3-3.0.1-150400.4.11.1.s390x",
                  "product_id": "openssl-3-3.0.1-150400.4.11.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
                "product": {
                  "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
                  "product_id": "libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
                "product": {
                  "name": "libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
                  "product_id": "libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-3.0.1-150400.4.11.1.x86_64",
                "product": {
                  "name": "libopenssl3-3.0.1-150400.4.11.1.x86_64",
                  "product_id": "libopenssl3-3.0.1-150400.4.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
                "product": {
                  "name": "libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
                  "product_id": "libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "openssl-3-3.0.1-150400.4.11.1.x86_64",
                "product": {
                  "name": "openssl-3-3.0.1-150400.4.11.1.x86_64",
                  "product_id": "openssl-3-3.0.1-150400.4.11.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                  "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.4",
                "product": {
                  "name": "openSUSE Leap 15.4",
                  "product_id": "openSUSE Leap 15.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
          "product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-3.0.1-150400.4.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "libopenssl3-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.aarch64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.ppc64le as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.s390x as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-3.0.1-150400.4.11.1.x86_64 as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64"
        },
        "product_reference": "openssl-3-3.0.1-150400.4.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openssl-3-doc-3.0.1-150400.4.11.1.noarch as component of openSUSE Leap 15.4",
          "product_id": "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
        },
        "product_reference": "openssl-3-doc-3.0.1-150400.4.11.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-3358",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3358"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3358",
          "url": "https://www.suse.com/security/cve/CVE-2022-3358"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204226 for CVE-2022-3358",
          "url": "https://bugzilla.suse.com/1204226"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-11-01T16:40:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-3358"
    },
    {
      "cve": "CVE-2022-3602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3602",
          "url": "https://www.suse.com/security/cve/CVE-2022-3602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204714 for CVE-2022-3602",
          "url": "https://bugzilla.suse.com/1204714"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-11-01T16:40:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3602"
    },
    {
      "cve": "CVE-2022-3786",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-3786"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\n\n",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
          "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
          "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
          "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-3786",
          "url": "https://www.suse.com/security/cve/CVE-2022-3786"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1204714 for CVE-2022-3786",
          "url": "https://bugzilla.suse.com/1204714"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "SUSE Linux Enterprise Module for Basesystem 15 SP4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl-3-devel-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl-3-devel-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:libopenssl3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:libopenssl3-32bit-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.aarch64",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.ppc64le",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.s390x",
            "openSUSE Leap 15.4:openssl-3-3.0.1-150400.4.11.1.x86_64",
            "openSUSE Leap 15.4:openssl-3-doc-3.0.1-150400.4.11.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2022-11-01T16:40:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-3786"
    }
  ]
}

CVE-2022-3602 (GCVE-0-2022-3602)

Vulnerability from cvelistv5

Published

2022-11-01 00:00

Modified

2025-05-05 16:12

Severity ?

CWE

Buffer overflow

Summary

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).

References

►

URL

Tags

	https://www.openssl.org/news/secadv/20221101.txt
	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3
	http://www.openwall.com/lists/oss-security/2022/11/01/15	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/01/16	mailing-list
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a	vendor-advisory
	http://www.openwall.com/lists/oss-security/2022/11/01/21	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/01/19	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/01/18	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/01/20	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/01/24	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/01/17	mailing-list
	https://security.gentoo.org/glsa/202211-01	vendor-advisory
	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
	https://www.kb.cert.org/vuls/id/794340	third-party-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/	vendor-advisory
	http://www.openwall.com/lists/oss-security/2022/11/02/2	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/6	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/5	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/1	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/3	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/7	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/10	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/9	mailing-list
	http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
	http://www.openwall.com/lists/oss-security/2022/11/02/12	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/11	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/15	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/14	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/02/13	mailing-list
	https://security.netapp.com/advisory/ntap-20221102-0001/
	http://www.openwall.com/lists/oss-security/2022/11/03/1	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/2	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/3	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/5	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/7	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/6	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/9	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/10	mailing-list
	http://www.openwall.com/lists/oss-security/2022/11/03/11	mailing-list

Impacted products

	Vendor	Product	Version
	OpenSSL	OpenSSL	Version: Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:14:02.712Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20221101.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3"
          },
          {
            "name": "[oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16"
          },
          {
            "name": "20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17"
          },
          {
            "name": "GLSA-202211-01",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202211-01"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"
          },
          {
            "name": "VU#794340",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/794340"
          },
          {
            "name": "FEDORA-2022-0f1d2e0537",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/"
          },
          {
            "name": "FEDORA-2022-502f096dce",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1"
          },
          {
            "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/7"
          },
          {
            "name": "[oss-security] 20221102 Re: Fwd: Node.js security updates for all active release lines, November 2022",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/10"
          },
          {
            "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html"
          },
          {
            "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/12"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/11"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/15"
          },
          {
            "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/14"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/02/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221102-0001/"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/1"
          },
          {
            "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/2"
          },
          {
            "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/3"
          },
          {
            "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/5"
          },
          {
            "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/7"
          },
          {
            "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/6"
          },
          {
            "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/9"
          },
          {
            "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/10"
          },
          {
            "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2022/11/03/11"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-3602",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:26:56.588972Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T16:12:48.023Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Polar Bear"
        }
      ],
      "datePublic": "2022-11-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "lang": "eng",
              "url": "https://www.openssl.org/policies/secpolicy.html#HIGH",
              "value": "HIGH"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-03T00:00:00.000Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "url": "https://www.openssl.org/news/secadv/20221101.txt"
        },
        {
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3"
        },
        {
          "name": "[oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/15"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/16"
        },
        {
          "name": "20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/21"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/19"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/18"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/20"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/24"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/01/17"
        },
        {
          "name": "GLSA-202211-01",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202211-01"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"
        },
        {
          "name": "VU#794340",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.kb.cert.org/vuls/id/794340"
        },
        {
          "name": "FEDORA-2022-0f1d2e0537",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/"
        },
        {
          "name": "FEDORA-2022-502f096dce",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/2"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/6"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/5"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/1"
        },
        {
          "name": "[oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/3"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/7"
        },
        {
          "name": "[oss-security] 20221102 Re: Fwd: Node.js security updates for all active release lines, November 2022",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/10"
        },
        {
          "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/9"
        },
        {
          "url": "http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html"
        },
        {
          "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/12"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/11"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/15"
        },
        {
          "name": "[oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/14"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/02/13"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221102-0001/"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/1"
        },
        {
          "name": "[oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/2"
        },
        {
          "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/3"
        },
        {
          "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/5"
        },
        {
          "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/7"
        },
        {
          "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/6"
        },
        {
          "name": "[oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/9"
        },
        {
          "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/10"
        },
        {
          "name": "[oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2022/11/03/11"
        }
      ],
      "title": "X.509 Email Address 4-byte Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2022-3602",
    "datePublished": "2022-11-01T00:00:00.000Z",
    "dateReserved": "2022-10-19T00:00:00.000Z",
    "dateUpdated": "2025-05-05T16:12:48.023Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-3358 (GCVE-0-2022-3358)

Vulnerability from cvelistv5

Published

2022-10-11 15:00

Modified

2024-09-16 16:33

Severity ?

CWE

NULL encryption

Summary

OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5).

References

►

URL

Tags

	https://www.openssl.org/news/secadv/20221011.txt
	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b
	https://security.netapp.com/advisory/ntap-20221028-0014/
	https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
	https://security.gentoo.org/glsa/202402-08	vendor-advisory

Impacted products

	Vendor	Product	Version
	OpenSSL	OpenSSL	Version: Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:07:06.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20221011.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20221028-0014/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"
          },
          {
            "name": "GLSA-202402-08",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202402-08"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "status": "affected",
              "version": "Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Chris Rapier (Pittsburgh Supercomputing Center)"
        }
      ],
      "datePublic": "2022-09-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_meth_new() function and associated function calls. This function was deprecated in OpenSSL 3.0 and application authors are instead encouraged to use the new provider mechanism in order to implement custom ciphers. OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed to the EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() and EVP_CipherInit_ex2() functions (as well as other similarly named encryption and decryption initialisation functions). Instead of using the custom cipher directly it incorrectly tries to fetch an equivalent cipher from the available providers. An equivalent cipher is found based on the NID passed to EVP_CIPHER_meth_new(). This NID is supposed to represent the unique NID for a given cipher. However it is possible for an application to incorrectly pass NID_undef as this value in the call to EVP_CIPHER_meth_new(). When NID_undef is used in this way the OpenSSL encryption/decryption initialisation function will match the NULL cipher as being equivalent and will fetch this from the available providers. This will succeed if the default provider has been loaded (or if a third party provider has been loaded that offers this cipher). Using the NULL cipher means that the plaintext is emitted as the ciphertext. Applications are only affected by this issue if they call EVP_CIPHER_meth_new() using NID_undef and subsequently use it in a call to an encryption/decryption initialisation function. Applications that only use SSL/TLS are not impacted by this issue. Fixed in OpenSSL 3.0.6 (Affected 3.0.0-3.0.5)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "lang": "eng",
              "url": "https://www.openssl.org/policies/secpolicy.html#Low",
              "value": "Low"
            },
            "type": "unknown"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "NULL encryption",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-04T09:06:42.670169",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "url": "https://www.openssl.org/news/secadv/20221011.txt"
        },
        {
          "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=5485c56679d7c49b96e8fc8ca708b0b7e7c03c4b"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20221028-0014/"
        },
        {
          "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023"
        },
        {
          "name": "GLSA-202402-08",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202402-08"
        }
      ],
      "title": "Using a Custom Cipher with NID_undef may lead to NULL encryption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2022-3358",
    "datePublished": "2022-10-11T15:00:14.123507Z",
    "dateReserved": "2022-09-29T00:00:00",
    "dateUpdated": "2024-09-16T16:33:30.640Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-3786 (GCVE-0-2022-3786)

Vulnerability from cvelistv5

Published

2022-11-01 00:00

Modified

2025-05-05 16:12

Severity ?

CWE

Buffer overflow

Summary

References

►

URL

Tags

	https://www.openssl.org/news/secadv/20221101.txt	vendor-advisory
	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a	patch

Impacted products

	Vendor	Product	Version
	OpenSSL	OpenSSL	Version: 3.0.0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T01:20:58.788Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "OpenSSL Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20221101.txt"
          },
          {
            "name": "3.0.7 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-3786",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:26:54.639858Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-120",
                "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T16:12:38.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.0.7",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Viktor Dukhovni"
        }
      ],
      "datePublic": "2022-11-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\u003c/p\u003e"
            }
          ],
          "value": "A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.\u0027 character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.\n\n"
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "HIGH"
            },
            "type": "https://www.openssl.org/policies/secpolicy.html#high"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer overflow",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-04T07:28:32.835Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.openssl.org/news/secadv/20221101.txt"
        },
        {
          "name": "3.0.7 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "X.509 Email Address Variable Length Buffer Overflow",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev",
        "importer": "vulnxml2json5.py 2022-11-04 07:19:07.034873"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2022-3786",
    "datePublished": "2022-11-01T00:00:00.000Z",
    "dateReserved": "2022-11-01T00:00:00.000Z",
    "dateUpdated": "2025-05-05T16:12:38.194Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2022:3843-1

Vulnerability from csaf_suse

CVE-2022-3602 (GCVE-0-2022-3602)

Vulnerability from cvelistv5

CVE-2022-3358 (GCVE-0-2022-3358)

Vulnerability from cvelistv5

CVE-2022-3786 (GCVE-0-2022-3786)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature