Lucene search
UbuntuUSN-5402-2HistoryMay 26, 2022 - 12:00 a.m.
OpenSSL vulnerabilities
2022-05-2600:00:00
ubuntu.com
103
Releases
- Ubuntu 16.04 ESM
Packages
- openssl - Secure Socket Layer (SSL) cryptographic library and tools
Details
USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Elison Niven discovered that OpenSSL incorrectly handled the c_rehash
script. A local attacker could possibly use this issue to execute arbitrary
commands when c_rehash is run. (CVE-2022-1292)
Aliaksei Levin discovered that OpenSSL incorrectly handled resources when
decoding certificates and keys. A remote attacker could possibly use this
issue to cause OpenSSL to consume resources, leading to a denial of
service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 16.04 | noarch | libssl1.0.0 | < 1.0.2g-1ubuntu4.20+esm3 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libcrypto1.0.0-udeb | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libcrypto1.0.0-udeb-dbgsym | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libssl-dev | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libssl-dev-dbgsym | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libssl-doc | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libssl1.0.0 | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libssl1.0.0-dbg | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libssl1.0.0-dbgsym | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
| Ubuntu | 16.04 | noarch | libssl1.0.0-udeb | < 1.0.2g-1ubuntu4.20 | UNKNOWN |
Related
osv
osv
openssl vulnerabilities
2022-05-26 13:34:08
openssl, openssl1.0 vulnerabilities
2022-05-04 13:21:13
Resource leakage when decoding certificates and keys
2022-05-03 12:00:00
nessus
nessus
Ubuntu 16.04 ESM : OpenSSL vulnerabilities (USN-5402-2)
2022-05-27 00:00:00
Amazon Linux 2022 : openssl (ALAS2022-2022-104)
2022-09-07 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5402-2)
2022-08-26 00:00:00
OpenSSL: Multiple Vulnerabilities (May 2022) - Windows
2022-05-04 00:00:00
OpenSSL: Multiple Vulnerabilities (May 2022) - Linux
2022-05-04 00:00:00
ics
ics
Siemens Brownfield Connectivity Client
2023-02-16 12:00:00
Mitsubishi Electric Multiple Factory Automation Products (Update D)
2023-02-02 12:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2022-05-04 00:00:00
redos
redos
ROS-20220524-01
2022-05-24 00:00:00
cloudfoundry
cloudfoundry
USN-5402-1: OpenSSL vulnerabilities | Cloud Foundry
2022-07-29 00:00:00
nodejsblog
nodejsblog
OpenSSL update assessment, and Node.js project plans
2022-05-05 00:00:00
ibm
ibm
freebsd
freebsd
OpenSSL -- Multiple vulnerabilities
2022-05-03 00:00:00
prion
prion
Design/Logic Flaw
2022-05-03 16:15:00
Command injection
2022-05-03 16:15:00
Command injection
2022-06-21 15:15:00
f5
f5
K00053434 : OPENSSL_LH_flush() function vulnerability CVE-2022-1473
2022-05-28 00:00:00
K00334558 : OpenSSL vulnerability CVE-2022-1473
2022-06-02 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2022-1473
2022-05-03 00:00:00
Vulnerability in OpenSSL CVE-2022-1292
2022-05-03 00:00:00
Vulnerability in OpenSSL CVE-2022-2068
2022-06-21 00:00:00
cvelist
cvelist
CVE-2022-1473 Resource leakage when decoding certificates and keys
2022-05-03 00:00:00
CVE-2022-1292 The c_rehash script allows command injection
2022-05-03 00:00:00
CVE-2022-2068 The c_rehash script allows command injection
2022-06-21 00:00:00
github
github
Resource leakage when decoding certificates and keys
2022-05-04 00:00:22
ubuntucve
ubuntucve
redhat
redhat
veracode
veracode
Denial Of Service (DoS)
2022-05-13 08:43:12
OS Command Injection
2022-05-11 10:47:23
rustsec
rustsec
Resource leakage when decoding certificates and keys
2022-05-03 12:00:00
redhatcve
redhatcve
alpinelinux
alpinelinux
oraclelinux
oraclelinux
openssl security and bug fix update
2022-08-30 00:00:00
openssl security update
2022-08-31 00:00:00
cve
cve
CVE-2022-1473
2022-05-03 16:15:00
CVE-2022-1292
2022-05-03 16:15:00
debiancve
debiancve
cbl_mariner
cbl_mariner
CVE-2022-1292 affecting package openssl 1.1.1k-9
2022-05-26 19:04:39
CVE-2022-1292 affecting package openssl for versions less than 1.1.1k-15
2022-06-03 17:54:02
fedora
fedora
[SECURITY] Fedora 35 Update: openssl-1.1.1o-1.fc35
2022-06-29 01:50:51
[SECURITY] Fedora 36 Update: openssl1.1-1.1.1o-1.fc36
2022-06-23 00:41:52
almalinux
almalinux
Moderate: openssl security and bug fix update
2022-08-30 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenSSL c_rehash Script Command Injection (CVE-2022-1292)
2022-11-14 00:00:00
debian
debian
[SECURITY] [DLA 3008-1] openssl security update
2022-05-15 02:10:37
[SECURITY] [DSA 5139-1] openssl security update
2022-05-17 19:11:22
amazon
amazon
Medium: openssl
2022-05-31 23:50:00
Medium: openssl11
2022-07-06 03:14:00
Medium: openssl
2022-06-30 23:38:00
mageia
mageia
Updated openssl packages fix security vulnerability
2022-05-12 13:24:45
githubexploit
githubexploit
Exploit for OS Command Injection in Openssl
2022-05-25 07:06:48
Exploit for OS Command Injection in Openssl
2022-09-01 07:00:00
Exploit for OS Command Injection in Openssl
2022-07-26 11:33:10
slackware
slackware
[slackware-security] openssl
2022-05-04 21:32:34
[slackware-security] Slackware 14.2 openssl
2022-06-28 19:28:45
[slackware-security] openssl
2022-06-23 05:32:23
suse
suse
Security update for openssl-3 (important)
2022-07-06 00:00:00
Security update for openssl-1_0_0 (moderate)
2022-07-07 00:00:00
Security update for openssl-1_1 (moderate)
2022-07-04 00:00:00
cloudlinux
cloudlinux
Fixed CVEs in openssl: CVE-2022-1292, CVE-2022-2068
2022-07-14 16:53:26
photon
photon
Critical Photon OS Security Update - PHSA-2022-3.0-0391
2022-05-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1p-alt1
2022-06-22 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1p-alt1
2022-06-24 00:00:00
broadcom
broadcom