阿里云漏洞库

漏洞描述

Issue summary: Generating excessively long X9.42 DH keys or checking

excessively long X9.42 DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_generate_key() to

generate an X9.42 DH key may experience long delays. Likewise, applications

that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check()

to check an X9.42 DH key or X9.42 DH parameters may experience long delays.

Where the key or parameters that are being checked have been obtained from

an untrusted source this may lead to a Denial of Service.

While DH_check() performs all the necessary checks (as of CVE-2023-3817),

DH_check_pub_key() doesn't make any of these checks, and is therefore

vulnerable for excessively large P and Q parameters.

Likewise, while DH_generate_key() performs a check for an excessively large

P, it doesn't check for an excessively large Q.

An application that calls DH_generate_key() or DH_check_pub_key() and

supplies a key or parameters obtained from an untrusted source could be

vulnerable to a Denial of Service attack.

DH_generate_key() and DH_check_pub_key() are also called by a number of

other OpenSSL functions. An application calling any of those other

functions may similarly be affected. The other functions affected by this

are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().

Also vulnerable are the OpenSSL pkey command line application when using the

"-pubcheck" option, as well as the OpenSSL genpkey command line application.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://www.openwall.com/lists/oss-security/2024/03/11/1
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636...
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b629...
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d92...
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54...
https://security.netapp.com/advisory/ntap-20231130-0010/
https://www.openssl.org/news/secadv/20231106.txt

受影响软件情况

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	openssl	openssl	*	From (including) 1.0.2	Up to (excluding) 1.0.2zj
	运行在以下环境
	应用	openssl	openssl	*	From (including) 1.1.1	Up to (excluding) 1.1.1x
	运行在以下环境
	应用	openssl	openssl	*	From (including) 3.0.0	Up to (excluding) 3.0.13
	运行在以下环境
	应用	openssl	openssl	*	From (including) 3.1.0	Up to (excluding) 3.1.5
	运行在以下环境
	系统	alma_linux_8	openssl	*		Up to (excluding) 1.1.1k-12.el8_9
	运行在以下环境
	系统	alpine_3.15	openssl	*		Up to (excluding) 1.1.1w-r1
	运行在以下环境
	系统	alpine_3.16	openssl	*		Up to (excluding) 1.1.1w-r1
	运行在以下环境
	系统	alpine_3.17	openssl	*		Up to (excluding) 3.0.12-r1
	运行在以下环境
	系统	alpine_3.18	openssl	*		Up to (excluding) 3.1.4-r1
	运行在以下环境
	系统	alpine_3.19	openssl	*		Up to (excluding) 3.1.4-r1
	运行在以下环境
	系统	amazon_2	openssl	*		Up to (excluding) 1.0.2k-24.amzn2.0.11
	运行在以下环境
	系统	amazon_2023	openssl	*		Up to (excluding) 3.0.8-1.amzn2023.0.10
	运行在以下环境
	系统	amazon_AMI	openssl	*		Up to (excluding) 1.0.2k-16.165.amzn1
	运行在以下环境
	系统	anolis_os_23	openssl	*		Up to (excluding) 3.0.12-2
	运行在以下环境
	系统	fedora_EPEL_7	openssl11	*		Up to (excluding) 1.1.1k-6.el7
	运行在以下环境
	系统	kylinos_aarch64_V10	openssl	*		Up to (excluding) 1.1.1m-22.p01.ky10h
	运行在以下环境
	系统	kylinos_aarch64_V10HPC	openssl	*		Up to (excluding) 1.1.1m-22.p01.ky10h
	运行在以下环境
	系统	kylinos_aarch64_V10SP1	openssl	*		Up to (excluding) 1.1.1f-4.p16.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP2	openssl	*		Up to (excluding) 1.1.1f-4.p16.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP3	openssl	*		Up to (excluding) 1.1.1f-15.p16.ky10
	运行在以下环境
	系统	kylinos_aarch64_V10SP32309a	openssl	*		Up to (excluding) 1.1.1m-22.p01.ky10h
	运行在以下环境
	系统	kylinos_aarch64_V10SP32309b	openssl	*		Up to (excluding) 1.1.1f-15.p16.ky10
	运行在以下环境
	系统	kylinos_loongarch64_V10SP1	openssl	*		Up to (excluding) 1.1.1f-4.p16.a.ky10
	运行在以下环境
	系统	kylinos_loongarch64_V10SP3	openssl	*		Up to (excluding) 1.1.1f-15.p16.a.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10	openssl	*		Up to (excluding) 1.1.1m-22.p01.ky10h
	运行在以下环境
	系统	kylinos_x86_64_V10HPC	openssl	*		Up to (excluding) 1.1.1m-22.p01.ky10h
	运行在以下环境
	系统	kylinos_x86_64_V10SP1	openssl	*		Up to (excluding) 1.1.1f-4.p16.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP2	openssl	*		Up to (excluding) 1.1.1f-4.p16.ky10
	运行在以下环境
	系统	kylinos_x86_64_V10SP3	openssl	*		Up to (excluding) 1.1.1f-15.p16.ky10
	运行在以下环境
	系统	opensuse_5.3	libopenssl3	*		Up to (excluding) 3.0.8-150400.4.42.1
	运行在以下环境
	系统	opensuse_5.4	libopenssl3	*		Up to (excluding) 3.0.8-150400.4.42.1
	运行在以下环境
系统	opensuse_Leap_15.4	openssl	*		Up to (excluding) 3.0.8-150400.4.42.1
运行在以下环境
系统	opensuse_Leap_15.5	openssl	*		Up to (excluding) 3.0.8-150500.5.19.1
运行在以下环境
系统	oracle_8	openssl	*		Up to (excluding) 1.1.1k-12.el8_9
运行在以下环境
系统	redhat_8	openssl	*		Up to (excluding) 1.1.1k-12.el8_9
运行在以下环境
系统	suse_12_SP5	openssl-1_1	*		Up to (excluding) 1.1.1d-2.101.1

攻击路径

本地
攻击复杂度

复杂
权限要求

普通权限
影响范围

越权影响
EXP成熟度

未验证
补丁情况

官方补丁
数据保密性

无影响
数据完整性

无影响
服务器危害

无影响
全网数量

N/A

CWE-ID	漏洞类型
CWE-754	对因果或异常条件的不恰当检查

中危 在具有较大 Q 参数值的 DH 检查/生成中花费过多时间 (CVE-2023-5678)

漏洞描述

解决建议

参考链接

受影响软件情况

中危在具有较大 Q 参数值的 DH 检查/生成中花费过多时间 (CVE-2023-5678)