Showing 1 - 6 of 6

CVE-2023-2975

Status Candidate

Overview

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be mislead by removing adding or reordering such empty entries as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications. The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated. As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries this is qualified as Low severity issue.

Related Files

Red Hat Security Advisory 2024-2447-03: Posted Apr 30, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-2447-03 - An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2023-2975; SHA-256 | 462bc3d09215be0bbf81e8c4c531f8af9c1a08788384e4109de00f728a5419d4; Download | Favorite | View

Gentoo Linux Security Advisory 202402-08: Posted Feb 5, 2024; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202402-8 - Multiple vulnerabilities have been found in OpenSSL, the worst of which could result in denial of service. Versions greater than or equal to 3.0.10 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2022-3358, CVE-2022-4203, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-2975; SHA-256 | 21ad378435b07083191f0c5fc69298cd031080be76d8665f35aae2aacebb11f1; Download | Favorite | View

Ubuntu Security Notice USN-6450-1: Posted Oct 24, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6450-1 - Tony Battersby discovered that OpenSSL incorrectly handled key and initialization vector lengths. This could lead to truncation issues and result in loss of confidentiality for some symmetric cipher modes. Juerg Wullschleger discovered that OpenSSL incorrectly handled the AES-SIV cipher. This could lead to empty data entries being ignored, resulting in certain applications being misled. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2023-2975, CVE-2023-3817, CVE-2023-5363; SHA-256 | 2d9459c9594f7dcc383dafcaff6092d57b63e811ab043a65d9d9516541186813; Download | Favorite | View

OpenSSL Toolkit 3.1.2: Posted Aug 1, 2023; Site openssl.org; OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.; Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with over sized modulus. No longer ignoring empty associated data entries with AES-SIV. A change has been made to the enable-fips option.; tags | encryption, protocol; systems | unix; advisories | CVE-2023-2975, CVE-2023-3446, CVE-2023-3817; SHA-256 | a0ce69b8b97ea6a35b96875235aa453b966ba3cba8af2de23657d8b6767d6539; Download | Favorite | View

OpenSSL Toolkit 3.0.10: Posted Aug 1, 2023; Site openssl.org; OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.; Changes: Fixed excessive time spent checking DH q parameter value. Fixed DH_check() excessive time with over sized modulus. No longer ignoring empty associated data entries with AES-SIV.; tags | tool, encryption, protocol; systems | unix; advisories | CVE-2023-2975, CVE-2023-3446, CVE-2023-3817; SHA-256 | 1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323; Download | Favorite | View

OpenSSL Security Advisory 20230714: Posted Jul 14, 2023; Site openssl.org; OpenSSL Security Advisory 20230714 - The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence.; tags | advisory; advisories | CVE-2023-2975; SHA-256 | 533eb47fbd60f88ad1ad3c18b56350b6804b9be10b8c81fe9a8f322433dad421; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 332 files
Ubuntu 53 files
Gentoo 32 files
Debian 22 files
Apple 9 files
malvuln 6 files
nu11secur1ty 5 files
Adam Gowdiak 4 files
Jann Horn 4 files
Ahmet Umit Bayram 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,044)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,776)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,910)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,514)
UNIX (9,404)
UnixWare (187)
Windows (6,660)
Other

CVE-2023-2975

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems