Lucene search
OracleLinuxELSA-2022-4899HistoryJun 30, 2022 - 12:00 a.m.
compat-openssl11 security and bug fix update
2022-06-3000:00:00
linux.oracle.com
29
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
[1:1.1.1k-4.0.1]
- Backport upstream PRs 18446 and 18481 which update
certificates used for the self-tests [Orabug: 34326055]
[1:1.1.1k-4] - Fixes CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
Resolves: rhbz#2063147 - Disable FIPS mode; it does not work and will not be certified
Resolves: rhbz#2091968
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | compat-openssl11 | < 1.1.1k-4.0.1.el9_0 | compat-openssl11-1.1.1k-4.0.1.el9_0.src.rpm |
| oracle linux | 9 | aarch64 | compat-openssl11 | < 1.1.1k-4.0.1.el9_0 | compat-openssl11-1.1.1k-4.0.1.el9_0.aarch64.rpm |
| oracle linux | 9 | src | compat-openssl11 | < 1.1.1k-4.0.1.el9_0 | compat-openssl11-1.1.1k-4.0.1.el9_0.src.rpm |
| oracle linux | 9 | i686 | compat-openssl11 | < 1.1.1k-4.0.1.el9_0 | compat-openssl11-1.1.1k-4.0.1.el9_0.i686.rpm |
| oracle linux | 9 | x86_64 | compat-openssl11 | < 1.1.1k-4.0.1.el9_0 | compat-openssl11-1.1.1k-4.0.1.el9_0.x86_64.rpm |
Related
checkpoint_advisories
checkpoint_advisories
OpenSSL Denial of Service (CVE-2022-0778)
2022-03-27 00:00:00
oraclelinux
oraclelinux
openssl security update
2022-03-18 00:00:00
openssl security update
2022-03-18 00:00:00
openssl security update
2022-03-23 00:00:00
nessus
nessus
RHEL 7 : openssl (RHSA-2022:1066)
2022-03-29 00:00:00
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2022-1849)
2022-06-15 00:00:00
Oracle Linux 8 : openssl (ELSA-2022-9243)
2022-03-23 00:00:00
hivepro
hivepro
OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop
2022-03-17 14:17:00
ubuntucve
ubuntucve
CVE-2022-0778
2022-03-15 00:00:00
slackware
slackware
[slackware-security] openssl
2022-03-17 19:59:07
alpinelinux
alpinelinux
CVE-2022-0778
2022-03-15 17:15:00
redhat
redhat
(RHSA-2022:1073) Important: openssl security update
2022-03-28 08:56:18
(RHSA-2022:1519) Important: Red Hat JBoss Web Server 5.6.2 Security Update
2022-05-02 11:02:22
(RHSA-2022:4899) Important: compat-openssl11 security and bug fix update
2022-06-02 21:13:31
ibm
ibm
cve
cve
CVE-2022-0778
2022-03-15 17:15:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:0854-1)
2022-03-16 00:00:00
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2022-1795)
2022-06-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:14915-1)
2022-03-16 00:00:00
osv
osv
BIT-mysql-client-2022-0778
2024-03-06 11:05:22
Important: openssl security update
2022-03-28 07:46:07
Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
2022-03-15 12:00:00
rocky
rocky
compat-openssl11 security and bug fix update
2022-06-02 21:13:31
compat-openssl10 security update
2022-06-28 10:53:54
amazon
amazon
Important: openssl, openssl11
2022-03-15 18:49:00
Important: openssl
2022-03-15 18:54:00
cbl_mariner
cbl_mariner
CVE-2022-0778 affecting package openssl 1.1.1k-30
2022-04-09 06:51:56
debiancve
debiancve
CVE-2022-0778
2022-03-15 17:15:00
cloudfoundry
cloudfoundry
USN-5328-1: OpenSSL vulnerability | Cloud Foundry
2022-05-23 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: openssl-1.1.1n-1.fc35
2022-03-22 03:44:53
fortinet
fortinet
Protect
2022-04-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.1.1n-alt1
2022-03-24 00:00:00
Security fix for the ALT Linux 10 package openssl1.1 version 1.1.1n-alt1
2022-03-18 00:00:00
Security fix for the ALT Linux 10 package node version 16.14.2-alt1
2022-04-23 00:00:00
prion
prion
Code injection
2022-03-15 17:15:00
githubexploit
githubexploit
Exploit for Infinite Loop in Openssl
2023-10-30 09:52:21
Exploit for Infinite Loop in Openssl
2022-04-04 18:09:06
Exploit for Infinite Loop in Openssl
2022-03-15 19:06:33
github
github
redos
redos
ROS-20220318-02
2022-03-18 00:00:00
aix
aix
AIX is vulnerable to a denial of service due to OpenSSL
2022-05-13 09:32:08
ics
ics
Siemens OpenSSL Affected Industrial Products (Update E)
2023-01-13 12:00:00
checkpoint_security
checkpoint_security
Check Point response to OpenSSL CVE-2022-0778 (possible infinite loop when parsing ECDSA certificates/keys)
2022-03-16 06:41:44
Check Point response to CVE-2022-0778
2022-07-03 22:15:24
veracode
veracode
Denial Of Service (DoS)
2022-03-16 09:55:55
suse
suse
Security update for openssl-1_0_0 (important)
2022-03-15 00:00:00
thn
thn
QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices
2022-03-31 03:23:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2022-0778
2022-03-17 20:51:13
openssl
openssl
Vulnerability in OpenSSL CVE-2022-0778
2022-03-15 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerability
2022-03-23 11:36:28
centos
centos
openssl security update
2022-03-29 13:36:31
debian
debian
[SECURITY] [DLA 2953-1] openssl1.0 security update
2022-03-17 09:50:32
photon
photon
Important Photon OS Security Update - PHSA-2022-0162
2022-03-16 00:00:00
paloalto
paloalto
Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778
2022-03-31 02:30:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related for ELSA-2022-4899