Red Hat Enterprise Linux 6 Extended Lifecycle Support update for openssl



Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2023-0286
CWE-ID CWE-843
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems)
Operating systems & Components / Operating system

Red Hat Enterprise Linux Server - Extended Life Cycle Support
Operating systems & Components / Operating system

openssl (Red Hat package)
Operating systems & Components / Operating system package or component

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Type Confusion

EUVDB-ID: #VU71992

Risk: High

CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0286

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error related to X.400 address processing inside an X.509 GeneralName. A remote attacker can pass specially crafted data to the application, trigger a type confusion error and perform a denial of service (DoS) attack or read memory contents.

In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems): 6.0

Red Hat Enterprise Linux Server - Extended Life Cycle Support: 6.0

openssl (Red Hat package): before 1.0.1e-61.el6_10

CPE2.3 External links

http://access.redhat.com/errata/RHSA-2023:1438


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###