Published: 08/02/2023 Updated: 04/02/2024

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions. The result of the dereference is an application crash which could lead to a denial of service attack. The TLS implementation in OpenSSL does not call this function however third party applications might call these functions on untrusted data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openssl openssl
stormshield stormshield management center

概述 Important: openssl security and bug fix update 类型/严重性 Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems 标题 An update for openssl is now available for Red Hat Enterprise Linux 90 Extended Update SupportRed Hat Product Sec ...

DescriptionA flaw was found in OpenSSL An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions This may result in an application crash which could lead to a denial of service The TLS implementation in OpenSSL does not c ...

PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023 ...

Critical Infrastructure Sectors: Critical Manufacturing

CWE-476 https://www.openssl.org/news/secadv/20230207.txt https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=934a04f0e775309cadbef0aa6b9692e1b12a76c6 https://security.gentoo.org/glsa/202402-08 https://access.redhat.com/errata/RHSA-2023:1199 https://nvd.nist.gov https://www.cisa.gov/news-events/ics-advisories/icsa-23-320-08 https://access.redhat.com/security/cve/cve-2023-0216

CVE-2023-0216

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect