Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 842489 - <dev-libs/openssl-1.1.1o: Multiple vulnerabilities
Summary: <dev-libs/openssl-1.1.1o: Multiple vulnerabilities
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: A3 [glsa? cleanup]
Depends on: 845258
Blocks: CVE-2022-1292, CVE-2022-1473
  Show dependency tree
Reported: 2022-05-03 20:31 UTC by Sam James
Modified: 2022-07-01 07:56 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2022-05-03 20:31:56 UTC

The c_rehash script allows command injection (CVE-2022-1292)

Severity: Moderate

The c_rehash script does not properly sanitise shell metacharacters to
prevent command injection.  This script is distributed by some operating
systems in a manner where it is automatically executed.  On such operating
systems, an attacker could execute arbitrary commands with the privileges
of the script.

Use of the c_rehash script is considered obsolete and should be replaced
by the OpenSSL rehash command line tool.

This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.

OpenSSL 1.0.2 users should upgrade to 1.0.2ze (premium support customers only)
OpenSSL 1.1.1 users should upgrade to 1.1.1o
OpenSSL 3.0 users should upgrade to 3.0.3

This issue was reported to OpenSSL on the 2nd April 2022.  It was found by
Elison Niven of Sophos.  The fix was developed by Tomas Mraz from OpenSSL.

Resource leakage when decoding certificates and keys (CVE-2022-1473)

Severity: Low

The OPENSSL_LH_flush() function, which empties a hash table, contains
a bug that breaks reuse of the memory occuppied by the removed hash
table entries.

This function is used when decoding certificates or keys. If a long lived
process periodically decodes certificates or keys its memory usage will
expand without bounds and the process might be terminated by the operating
system causing a denial of service. Also traversing the empty hash table
entries will take increasingly more time.

Typically such long lived processes might be TLS clients or TLS servers
configured to accept client certificate authentication.

The function was added in the OpenSSL 3.0 version thus older releases
are not affected by the issue.

It was addressed in the 3.0.3 release on the 3rd May 2022. The fix can be
found in git commit 64c85430f.

OpenSSL 1.0.2 users are not affected.
OpenSSL 1.1.1 users are not affected.
OpenSSL 3.0 users should upgrade to 3.0.3.

This issue was reported to OpenSSL on the 21st April 2022 by Aliaksei Levin.
The fix was developed by Hugo Landau from OpenSSL.


OpenSSL 1.0.2 is out of support and no longer receiving public updates. Extended
support is available for premium support customers:

OpenSSL 1.1.0 is out of support and no longer receiving updates of any kind.
The impact of these issues on OpenSSL 1.1.0 has not been analysed.

Users of these versions should upgrade to OpenSSL 3.0 or 1.1.1.
Comment 1 Larry the Git Cow gentoo-dev 2022-05-03 21:32:47 UTC
The bug has been referenced in the following commit(s):

commit a796465aab66d211626dda8a31633fd68117aace
Author:     Sam James <>
AuthorDate: 2022-05-03 21:32:20 +0000
Commit:     Sam James <>
CommitDate: 2022-05-03 21:32:26 +0000

    dev-libs/openssl: add 3.0.3
    Masked still (3.x) so not the focus of the sec bug, but need to bump
    to address some vulnerabilities anyhow.
    Signed-off-by: Sam James <>

 dev-libs/openssl/Manifest             |   2 +
 dev-libs/openssl/openssl-3.0.3.ebuild | 297 ++++++++++++++++++++++++++++++++++
 2 files changed, 299 insertions(+)
Comment 2 Hanno Böck gentoo-dev 2022-05-04 07:29:00 UTC
The first vuln affects the perl-based c_rehash script that is shipped with OpenSSL. It seems Gentoo is not using that, but installs its own version of c_rehash, which is written in bash and comes from pld-linux (it seems to be a fork of an older version from OpenSSL).

I tried playing around with that to see if I could find a similar vuln. I haven't found a straight command injection, but it does seem to lack proper filename quoting. E.g. the following:

cp ISRG_Root_X1.pem 'foo bar .pem'
cp ISRG_Root_X1.pem foo

will lead to c_rehash executing the nonexistend "openssl bar" command:

Invalid command 'bar'; type "help" for a list.

In any case: I don't know what triggered the decision to ship a non-upstream version of that script, but given upstream recommends deprecating it we should probably do so as well (and switch to the internal "openssl rehash" command).
Comment 3 Eray Aslan gentoo-dev 2022-05-18 08:33:12 UTC
(In reply to Hanno Böck from comment #2)
> I don't know what triggered the decision to ship a non-upstream
> version of that script

see bug #333117 - not to RDEPEND on perl afaicr

> but given upstream recommends deprecating it we
> should probably do so as well (and switch to the internal "openssl rehash"
> command)