Lucene search

CVE-2022-2097 AES OCB fails to encrypt some bytes

🗓️ 05 Jul 2022 10:13:30Reported by opensslType

AES OCB mode fails to encrypt some bytes affecting 32-bit x86 platform

Reporter	Title	Published	Views	Family All 199
Tenable Nessus	SUSE SLES15 Security Update : openssl-1_1 (SUSE-SU-2022:2311-1)	8 Jul 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2022 : openssl, openssl-devel, openssl-libs (ALAS2022-2022-147)	14 Oct 202200:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: edk2 / hvloader / openssl (CVE-2022-2097)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : openssl (EulerOS-SA-2022-2476)	9 Oct 202200:00	–	nessus
Tenable Nessus	Amazon Linux 2 : openssl11 (ALAS-2023-1974)	7 Mar 202300:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: edk2 / hvloader / openssl (CVE-2022-2097)	20 Mar 202300:00	–	nessus
Tenable Nessus	Photon OS 4.0: Openssl PHSA-2022-4.0-0207	23 Jul 202400:00	–	nessus
Tenable Nessus	OpenSSL 1.1.1 < 1.1.1q Vulnerability	5 Jul 202200:00	–	nessus
Tenable Nessus	Oracle MySQL Connectors (Oct 2022 CPU)	20 Oct 202200:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2022-2097	5 Mar 202500:00	–	nessus

[
  {
    "vendor": "OpenSSL",
    "product": "OpenSSL",
    "versions": [
      {
        "version": "Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4)",
        "status": "affected"
      },
      {
        "version": "Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p)",
        "status": "affected"
      }
    ]
  }
]

Source	Link
security	www.security.netapp.com/advisory/ntap-20220715-0011/
debian	www.debian.org/security/2023/dsa-5343
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/
openssl	www.openssl.org/news/secadv/20220705.txt
lists	www.lists.debian.org/debian-lts-announce/2023/02/msg00019.html
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/
security	www.security.gentoo.org/glsa/202210-02
git	www.git.openssl.org/gitweb/
security	www.security.netapp.com/advisory/ntap-20230420-0008/
git	www.git.openssl.org/gitweb/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Jul 2022 10:30Current

7.6High risk

Vulners AI Score7.6

EPSS0.00533