{"id":25533,"date":"2022-07-06T00:19:15","date_gmt":"2022-07-05T22:19:15","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=25533"},"modified":"2022-07-13T06:35:36","modified_gmt":"2022-07-13T04:35:36","slug":"openssl-3-0-4-schwachstelle-cve-2022-2274-heap-speicherbeschdigung-mit-rsa-private-key-operation","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2022\/07\/06\/openssl-3-0-4-schwachstelle-cve-2022-2274-heap-speicherbeschdigung-mit-rsa-private-key-operation\/","title":{"rendered":"OpenSSL 3.0.4 Vulnerability CVE-2022-2274: Heap Memory Corruption with RSA Private Key Operation"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2022\/07\/06\/openssl-3-0-4-schwachstelle-cve-2022-2274-heap-speicherbeschdigung-mit-rsa-private-key-operation\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]A vulnerability CVE-2022-2274 exists in OpenSSL that could lead to heap memory corruption with RSA private key operations. It affects OpenSSL 3.0.4 and the vulnerability is rated High in severity. A second vulnerability CVE-2022-2097 causes AES OCB to fail to encrypt some bytes. This vulnerability is rated Moderate.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/84db56d944ee4db5aee8d6e62da2f588\" alt=\"\" width=\"1\" height=\"1\" \/>I became aware of the issue via the following <a href=\"https:\/\/twitter.com\/campuscodi\/status\/1544417552843116545\" target=\"_blank\" rel=\"noopener\">tweet<\/a>, which is described in this <a href=\"https:\/\/www.openssl.org\/news\/secadv\/20220705.txt\" target=\"_blank\" rel=\"noopener\">OpenSSL Security Advisory<\/a>.<\/p>\n<p><a href=\"https:\/\/twitter.com\/campuscodi\/status\/1544417552843116545\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"OpenSSL 3.0.4 Schwachstelle CVE-2022-2274\" src=\"https:\/\/i.imgur.com\/kYBx0us.png\" alt=\"OpenSSL 3.0.4 Schwachstelle CVE-2022-2274\" \/><\/a><\/p>\n<h2>Vulnerability CVE-2022-2274: Heap memory corruption<\/h2>\n<p>OpenSSL 3.0.4 contains a fatal flaw in the RSA implementation for X86_64 CPUs that support the AVX512IFMA instructions. This issue causes an incorrect RSA implementation for 2048-bit private keys. As a result, memory corruption occurs during computation, which may allow an attacker to force remote code execution on the machine performing the computation.<\/p>\n<p>SSL\/TLS servers or other servers that use private 2048-bit RSA keys and run on machines that support AVX512IFMA instructions on the X86-64 architecture are affected by this issue. Users of OpenSSL 3.0.4 should upgrade to OpenSSL 3.0.5. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.<\/p>\n<h2>Vulnerability CVE-2022-2097: AES OCB fails to encrypt some bytes<\/h2>\n<p>AES OCB mode for 32-bit x86 platforms using the AES NI assembly-optimized implementation may fail to encrypt all data. This could expose sixteen bytes of data that was already in memory and not written.\u00a0 In the specific case of \"in place\" encryption, sixteen bytes of plaintext would be exposed. The vulnerability is rated as moderate.<\/p>\n<p>Since OpenSSL does not support OCB-based cipher suites for TLS and DTLS, neither is affected. This issue affects versions 1.1.1 and 3.0, and was fixed in versions 1.1.1q and 3.0.5 on July 5, 2022. Users of OpenSSL 1.1.1 should upgrade to 1.1.1q. Users of OpenSSL 3.0 should upgrade to 3.0.5.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]A vulnerability CVE-2022-2274 exists in OpenSSL that could lead to heap memory corruption with RSA private key operations. It affects OpenSSL 3.0.4 and the vulnerability is rated High in severity. A second vulnerability CVE-2022-2097 causes AES OCB to fail to &hellip; <a href=\"https:\/\/borncity.com\/win\/2022\/07\/06\/openssl-3-0-4-schwachstelle-cve-2022-2274-heap-speicherbeschdigung-mit-rsa-private-key-operation\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547],"tags":[69],"class_list":["post-25533","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/25533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=25533"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/25533\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=25533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=25533"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=25533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}