CVE-2024-4603 (GCVE-0-2024-4603)

Vulnerability from cvelistv5 – Published: 2024-05-16 15:21 – Updated: 2024-10-14 14:56
VLAI
Title
Excessive time spent checking DSA keys and parameters
Summary
Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (`p` parameter) is too large. Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks. An application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable. Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the `-check` option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
Severity
5.3 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-606 - Unchecked Input for Loop Condition
  • CWE-834 - Excessive Iteration
Assigner
References
Impacted products
Vendor Product Version
OpenSSL OpenSSL Affected: 3.0.0 , < 3.0.14 (semver)
Affected: 3.1.0 , < 3.1.6 (semver)
Affected: 3.2.0 , < 3.2.2 (semver)
Affected: 3.3.0 , < 3.3.1 (semver)
Create a notification for this product.
openssl openssl Affected: 3.0.0 , < 3.0.14 (semver)
Affected: 3.1.0 , < 3.1.6 (semver)
Affected: 3.2.0 , < 3.2.2 (semver)
Affected: 3.3.0 , < 3.3.1 (semver)
    cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
 Create a notification for this product.
Date Public
2024-05-16 00:00
Credits
OSS-Fuzz Tomas Mraz
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:47:41.528Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "OpenSSL Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.openssl.org/news/secadv/20240516.txt"
          },
          {
            "name": "3.0.14 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397"
          },
          {
            "name": "3.1.6 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d"
          },
          {
            "name": "3.2.2 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740"
          },
          {
            "name": "3.3.1 git commit",
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/05/16/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0001/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "openssl",
            "vendor": "openssl",
            "versions": [
              {
                "lessThan": "3.0.14",
                "status": "affected",
                "version": "3.0.0",
                "versionType": "semver"
              },
              {
                "lessThan": "3.1.6",
                "status": "affected",
                "version": "3.1.0",
                "versionType": "semver"
              },
              {
                "lessThan": "3.2.2",
                "status": "affected",
                "version": "3.2.0",
                "versionType": "semver"
              },
              {
                "lessThan": "3.3.1",
                "status": "affected",
                "version": "3.3.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-4603",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-16T18:27:25.638098Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-834",
                "description": "CWE-834 Excessive Iteration",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T15:11:57.009Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "OpenSSL",
          "vendor": "OpenSSL",
          "versions": [
            {
              "lessThan": "3.0.14",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.1.6",
              "status": "affected",
              "version": "3.1.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.2.2",
              "status": "affected",
              "version": "3.2.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.3.1",
              "status": "affected",
              "version": "3.3.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "OSS-Fuzz"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Tomas Mraz"
        }
      ],
      "datePublic": "2024-05-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Issue summary: Checking excessively long DSA keys or parameters may be very\u003cbr\u003eslow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use the functions EVP_PKEY_param_check()\u003cbr\u003eor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\u003cbr\u003eexperience long delays. Where the key or parameters that are being checked\u003cbr\u003ehave been obtained from an untrusted source this may lead to a Denial of\u003cbr\u003eService.\u003cbr\u003e\u003cbr\u003eThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\u003cbr\u003evarious checks on DSA parameters. Some of those computations take a long time\u003cbr\u003eif the modulus (`p` parameter) is too large.\u003cbr\u003e\u003cbr\u003eTrying to use a very large modulus is slow and OpenSSL will not allow using\u003cbr\u003epublic keys with a modulus which is over 10,000 bits in length for signature\u003cbr\u003everification. However the key and parameter check functions do not limit\u003cbr\u003ethe modulus size when performing the checks.\u003cbr\u003e\u003cbr\u003eAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\u003cbr\u003eand supplies a key or parameters obtained from an untrusted source could be\u003cbr\u003evulnerable to a Denial of Service attack.\u003cbr\u003e\u003cbr\u003eThese functions are not called by OpenSSL itself on untrusted DSA keys so\u003cbr\u003eonly applications that directly call these functions may be vulnerable.\u003cbr\u003e\u003cbr\u003eAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\u003cbr\u003ewhen using the `-check` option.\u003cbr\u003e\u003cbr\u003eThe OpenSSL SSL/TLS implementation is not affected by this issue.\u003cbr\u003e\u003cbr\u003eThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue."
            }
          ],
          "value": "Issue summary: Checking excessively long DSA keys or parameters may be very\nslow.\n\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\nexperience long delays. Where the key or parameters that are being checked\nhave been obtained from an untrusted source this may lead to a Denial of\nService.\n\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\nvarious checks on DSA parameters. Some of those computations take a long time\nif the modulus (`p` parameter) is too large.\n\nTrying to use a very large modulus is slow and OpenSSL will not allow using\npublic keys with a modulus which is over 10,000 bits in length for signature\nverification. However the key and parameter check functions do not limit\nthe modulus size when performing the checks.\n\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\nand supplies a key or parameters obtained from an untrusted source could be\nvulnerable to a Denial of Service attack.\n\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\nonly applications that directly call these functions may be vulnerable.\n\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\nwhen using the `-check` option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue."
        }
      ],
      "metrics": [
        {
          "format": "other",
          "other": {
            "content": {
              "text": "Low"
            },
            "type": "https://www.openssl.org/policies/secpolicy.html"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-606",
              "description": "CWE-606 Unchecked Input for Loop Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-14T14:56:01.784Z",
        "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
        "shortName": "openssl"
      },
      "references": [
        {
          "name": "OpenSSL Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.openssl.org/news/secadv/20240516.txt"
        },
        {
          "name": "3.0.14 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397"
        },
        {
          "name": "3.1.6 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d"
        },
        {
          "name": "3.2.2 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740"
        },
        {
          "name": "3.3.1 git commit",
          "tags": [
            "patch"
          ],
          "url": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Excessive time spent checking DSA keys and parameters",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
    "assignerShortName": "openssl",
    "cveId": "CVE-2024-4603",
    "datePublished": "2024-05-16T15:21:20.050Z",
    "dateReserved": "2024-05-07T11:44:02.196Z",
    "dateUpdated": "2024-10-14T14:56:01.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-4603",
      "date": "2026-06-04",
      "epss": "0.00092",
      "percentile": "0.25739"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-4603\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2024-05-16T16:15:10.643\",\"lastModified\":\"2024-11-21T09:43:11.753\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Issue summary: Checking excessively long DSA keys or parameters may be very\\nslow.\\n\\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\\nexperience long delays. Where the key or parameters that are being checked\\nhave been obtained from an untrusted source this may lead to a Denial of\\nService.\\n\\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\\nvarious checks on DSA parameters. Some of those computations take a long time\\nif the modulus (`p` parameter) is too large.\\n\\nTrying to use a very large modulus is slow and OpenSSL will not allow using\\npublic keys with a modulus which is over 10,000 bits in length for signature\\nverification. However the key and parameter check functions do not limit\\nthe modulus size when performing the checks.\\n\\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\\nand supplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\\nonly applications that directly call these functions may be vulnerable.\\n\\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\\nwhen using the `-check` option.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\"},{\"lang\":\"es\",\"value\":\"Resumen del problema: la comprobaci\u00f3n de claves o par\u00e1metros DSA excesivamente largos puede resultar muy lenta. Resumen de impacto: las aplicaciones que utilizan las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() para comprobar una clave p\u00fablica de DSA o par\u00e1metros de DSA pueden experimentar grandes retrasos. Cuando la clave o los par\u00e1metros que se est\u00e1n verificando se obtuvieron de una fuente que no es confiable, esto puede dar lugar a una Denegaci\u00f3n de Servicio. Las funciones EVP_PKEY_param_check() o EVP_PKEY_public_check() realizan varias comprobaciones de los par\u00e1metros DSA. Algunos de esos c\u00e1lculos toman mucho tiempo si el m\u00f3dulo (par\u00e1metro `p`) es demasiado grande. Intentar utilizar un m\u00f3dulo muy grande es lento y OpenSSL no permitir\u00e1 el uso de claves p\u00fablicas con un m\u00f3dulo de m\u00e1s de 10.000 bits de longitud para la verificaci\u00f3n de firmas. Sin embargo, las funciones de verificaci\u00f3n de claves y par\u00e1metros no limitan el tama\u00f1o del m\u00f3dulo al realizar las verificaciones. Una aplicaci\u00f3n que llama a EVP_PKEY_param_check() o EVP_PKEY_public_check() y proporciona una clave o par\u00e1metros obtenidos de una fuente que no es de confianza podr\u00eda ser vulnerable a un ataque de denegaci\u00f3n de servicio. OpenSSL no llama a estas funciones en claves DSA que no son de confianza, por lo que solo las aplicaciones que llaman directamente a estas funciones pueden ser vulnerables. Tambi\u00e9n son vulnerables las aplicaciones de l\u00ednea de comandos OpenSSL pkey y pkeyparam cuando se usa la opci\u00f3n `-check`. La implementaci\u00f3n de OpenSSL SSL/TLS no se ve afectada por este problema. Los proveedores FIPS OpenSSL 3.0 y 3.1 se ven afectados por este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"openssl-security@openssl.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-606\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-834\"}]}],\"references\":[{\"url\":\"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://www.openssl.org/news/secadv/20240516.txt\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/05/16/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240621-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.openssl.org/news/secadv/20240516.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"name\": \"3.0.14 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"name\": \"3.1.6 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"name\": \"3.2.2 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"name\": \"3.3.1 git commit\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/16/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240621-0001/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T20:47:41.528Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-4603\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-16T18:27:25.638098Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\"], \"vendor\": \"openssl\", \"product\": \"openssl\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.14\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-834\", \"description\": \"CWE-834 Excessive Iteration\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-16T18:23:43.403Z\"}}], \"cna\": {\"title\": \"Excessive time spent checking DSA keys and parameters\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"OSS-Fuzz\"}, {\"lang\": \"en\", \"type\": \"remediation developer\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Tomas Mraz\"}], \"metrics\": [{\"other\": {\"type\": \"https://www.openssl.org/policies/secpolicy.html\", \"content\": {\"text\": \"Low\"}}, \"format\": \"other\"}], \"affected\": [{\"vendor\": \"OpenSSL\", \"product\": \"OpenSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.0.0\", \"lessThan\": \"3.0.14\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.1.0\", \"lessThan\": \"3.1.6\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.2.0\", \"lessThan\": \"3.2.2\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"3.3.0\", \"lessThan\": \"3.3.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-05-16T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.openssl.org/news/secadv/20240516.txt\", \"name\": \"OpenSSL Advisory\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397\", \"name\": \"3.0.14 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d\", \"name\": \"3.1.6 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740\", \"name\": \"3.2.2 git commit\", \"tags\": [\"patch\"]}, {\"url\": \"https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e\", \"name\": \"3.3.1 git commit\", \"tags\": [\"patch\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Issue summary: Checking excessively long DSA keys or parameters may be very\\nslow.\\n\\nImpact summary: Applications that use the functions EVP_PKEY_param_check()\\nor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\\nexperience long delays. Where the key or parameters that are being checked\\nhave been obtained from an untrusted source this may lead to a Denial of\\nService.\\n\\nThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\\nvarious checks on DSA parameters. Some of those computations take a long time\\nif the modulus (`p` parameter) is too large.\\n\\nTrying to use a very large modulus is slow and OpenSSL will not allow using\\npublic keys with a modulus which is over 10,000 bits in length for signature\\nverification. However the key and parameter check functions do not limit\\nthe modulus size when performing the checks.\\n\\nAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\\nand supplies a key or parameters obtained from an untrusted source could be\\nvulnerable to a Denial of Service attack.\\n\\nThese functions are not called by OpenSSL itself on untrusted DSA keys so\\nonly applications that directly call these functions may be vulnerable.\\n\\nAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\\nwhen using the `-check` option.\\n\\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\\n\\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Issue summary: Checking excessively long DSA keys or parameters may be very\u003cbr\u003eslow.\u003cbr\u003e\u003cbr\u003eImpact summary: Applications that use the functions EVP_PKEY_param_check()\u003cbr\u003eor EVP_PKEY_public_check() to check a DSA public key or DSA parameters may\u003cbr\u003eexperience long delays. Where the key or parameters that are being checked\u003cbr\u003ehave been obtained from an untrusted source this may lead to a Denial of\u003cbr\u003eService.\u003cbr\u003e\u003cbr\u003eThe functions EVP_PKEY_param_check() or EVP_PKEY_public_check() perform\u003cbr\u003evarious checks on DSA parameters. Some of those computations take a long time\u003cbr\u003eif the modulus (`p` parameter) is too large.\u003cbr\u003e\u003cbr\u003eTrying to use a very large modulus is slow and OpenSSL will not allow using\u003cbr\u003epublic keys with a modulus which is over 10,000 bits in length for signature\u003cbr\u003everification. However the key and parameter check functions do not limit\u003cbr\u003ethe modulus size when performing the checks.\u003cbr\u003e\u003cbr\u003eAn application that calls EVP_PKEY_param_check() or EVP_PKEY_public_check()\u003cbr\u003eand supplies a key or parameters obtained from an untrusted source could be\u003cbr\u003evulnerable to a Denial of Service attack.\u003cbr\u003e\u003cbr\u003eThese functions are not called by OpenSSL itself on untrusted DSA keys so\u003cbr\u003eonly applications that directly call these functions may be vulnerable.\u003cbr\u003e\u003cbr\u003eAlso vulnerable are the OpenSSL pkey and pkeyparam command line applications\u003cbr\u003ewhen using the `-check` option.\u003cbr\u003e\u003cbr\u003eThe OpenSSL SSL/TLS implementation is not affected by this issue.\u003cbr\u003e\u003cbr\u003eThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-606\", \"description\": \"CWE-606 Unchecked Input for Loop Condition\"}]}], \"providerMetadata\": {\"orgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"shortName\": \"openssl\", \"dateUpdated\": \"2024-10-14T14:56:01.784Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-4603\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-14T14:56:01.784Z\", \"dateReserved\": \"2024-05-07T11:44:02.196Z\", \"assignerOrgId\": \"3a12439a-ef3a-4c79-92e6-6081a721f1e5\", \"datePublished\": \"2024-05-16T15:21:20.050Z\", \"assignerShortName\": \"openssl\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.