[tnozaki-openssl] CVE-2023-0464 Excessive Resource Usage Verifying X.509 Policy Constraints

Issue #344 resolved
Takehiko NOZAKI repo owner created an issue

Comments (2)

  1. Takehiko NOZAKI reporter

    BUGFIX: Issue #344 - CVE-2023-0464 Excessive Resource Usage Verifying X.509 Policy Constraints

    Cherry-picked from: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=879f7080d7e141f415c79eaa3a8ac4a3dad0348b

    Original commit message: x509: excessive resource use verifying policy constraints

    A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems.

    Fixes CVE-2023-0464

    Reviewed-by: Tomas Mraz tomas@openssl.org
    Reviewed-by: Shane Lontis shane.lontis@oracle.com
    (Merged from https://github.com/openssl/openssl/pull/20569)

    → <<cset 4a91448fcf6b>>
