Published: 03/04/2023 Updated: 31/05/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 up to and including 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk. Version 2.4.13.2 contains a patch for this issue. As a workaround, avoid using `OIDCStripCookies`.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openidc mod auth openidc

Synopsis Moderate: mod_auth_openidc security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for mod_auth_openidc is now available for Red Hat Enterprise Linux 9Red Hat Product Security has ra ...

Debian Bug report logs - #1033916 libapache2-mod-auth-openidc: CVE-2023-28625: segfault DoS when OIDCStripCookies is set Package: src:libapache2-mod-auth-openidc; Maintainer for src:libapache2-mod-auth-openidc is Moritz Schlarb <schlarbm@uni-mainzde>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, ...

It was discovered that missing input sanitising in the implementation of the OIDCStripCookie option in mod_auth_openidc could result in denial of service For the stable distribution (bullseye), this problem has been fixed in version 2494-0+deb11u3 We recommend that you upgrade your libapache2-mod-auth-openidc packages For the detailed securit ...

DescriptionThe MITRE CVE dictionary describes this issue as: mod_auth_openidc is an authentication and authorization module for the Apache 2x HTTP server that implements the OpenID Connect Relying Party functionality In versions 200 through 24131, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would ...

CWE-476 https://github.com/OpenIDC/mod_auth_openidc/releases/tag/v2.4.13.2 https://github.com/OpenIDC/mod_auth_openidc/commit/c0e1edac3c4c19988ccdc7713d7aebfce6ff916a https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr https://github.com/OpenIDC/mod_auth_openidc/blame/3f11976dab56af0a46a7dddb7a275cc16d6eb726/src/mod_auth_openidc.c#L178-L179 https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html https://www.debian.org/security/2023/dsa-5405 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIBKFC22PDH6UXMSZ23PHTD7736ZC7BB/https://access.redhat.com/errata/RHSA-2023:6365 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5405

CVE-2023-28625

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect