CVE-2024-0727

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-0727
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 Patch
https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a Patch
https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c Patch
https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8 Patch
https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539 Patch
https://security.netapp.com/advisory/ntap-20240208-0006/
https://www.openssl.org/news/secadv/20240125.txt Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:3.2.0:-:*:*:*:*:*:*
History

08 Feb 2024, 10:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240208-0006/ -

02 Feb 2024, 15:53

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CPE cpe:2.3:a:openssl:openssl:3.2.0:-:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
First Time Openssl openssl
Openssl
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
References () https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 - () https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 - Patch
References () https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a - () https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a - Patch
References () https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c - () https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c - Patch
References () https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8 - () https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8 - Patch
References () https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539 - () https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539 - Patch
References () https://www.openssl.org/news/secadv/20240125.txt - () https://www.openssl.org/news/secadv/20240125.txt - Vendor Advisory

26 Jan 2024, 13:51

Type Values Removed Values Added
Summary
  • (es) Resumen del problema: el procesamiento de un archivo PKCS12 con formato malintencionado puede hacer que OpenSSL falle y provoque un posible ataque de denegación de servicio. Resumen de impacto: las aplicaciones que cargan archivos en formato PKCS12 desde fuentes que no son de confianza pueden finalizar abruptamente. Un archivo en formato PKCS12 puede contener certificados y claves y puede provenir de una fuente que no es de confianza. La especificación PKCS12 permite que ciertos campos sean NULL, pero OpenSSL no verifica correctamente este caso. Esto puede provocar una desreferencia del puntero NULL que provoque el bloqueo de OpenSSL. Si una aplicación procesa archivos PKCS12 de una fuente que no es de confianza utilizando las API de OpenSSL, esa aplicación será vulnerable a este problema. Las API de OpenSSL que son vulnerables a esto son: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() y PKCS12_newpass(). También solucionamos un problema similar en SMIME_write_PKCS7(). Sin embargo, dado que esta función está relacionada con la escritura de datos, no la consideramos importante para la seguridad. Los módulos FIPS en 3.2, 3.1 y 3.0 no se ven afectados por este problema.

26 Jan 2024, 09:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-01-26 09:15

Updated : 2024-02-08 10:15

NVD link : CVE-2024-0727

Mitre link : CVE-2024-0727

CVE.ORG link : CVE-2024-0727

JSON object : View

Products Affected

openssl

  • openssl
CWE
NVD-CWE-noinfo