Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 885797 (CVE-2022-3996) - <dev-libs/openssl-3.0.8:0/3: double locking leads to denial of service
Summary: <dev-libs/openssl-3.0.8:0/3: double locking leads to denial of service
Status: RESOLVED FIXED
Alias: CVE-2022-3996
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial
Assignee: Gentoo Security
URL: https://www.openssl.org/news/secadv/2...
Whiteboard: ~3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2022-12-13 17:27 UTC by John Helmert III
Modified: 2022-12-13 21:55 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-12-13 17:27:07 UTC
CVE-2022-3996:

If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling either `X509_VERIFY_PARAM_add0_policy()' or `X509_VERIFY_PARAM_set1_policies()' functions.

Patch: https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7

Only affects 3.x, still masked in Gentoo. "OpenSSL 3.0 users should
upgrade to OpenSSL 3.0.8 once it is released."
Comment 1 Larry the Git Cow gentoo-dev 2022-12-13 18:18:29 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=febf14caacb3cb7171cd6e861d9961cb6d6faaa6

commit febf14caacb3cb7171cd6e861d9961cb6d6faaa6
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-12-13 18:16:42 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-12-13 18:16:50 +0000

    dev-libs/openssl: drop 3.0.7
    
    Bug: https://bugs.gentoo.org/885797
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-libs/openssl/openssl-3.0.7.ebuild | 337 ----------------------------------
 1 file changed, 337 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ebb2a9a705c6d1cefa9c4bc94cf57da7a03f53b6

commit ebb2a9a705c6d1cefa9c4bc94cf57da7a03f53b6
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-12-13 18:14:10 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-12-13 18:14:18 +0000

    dev-libs/openssl: fix CVE-2022-3996 for 3.0.7
    
    Only affects 3.x.
    
    Bug: https://bugs.gentoo.org/885797
    Signed-off-by: Sam James <sam@gentoo.org>

 .../files/openssl-3.0.7-x509-CVE-2022-3996.patch   |  35 +++
 dev-libs/openssl/openssl-3.0.7-r1.ebuild           | 338 +++++++++++++++++++++
 2 files changed, 373 insertions(+)