Lucene search

K
oraclelinuxOracleLinuxELSA-2022-5818
HistoryAug 02, 2022 - 12:00 a.m.

openssl security update

2022-08-0200:00:00
linux.oracle.com
54

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

[1:1.1.1k-7]

  • Fix CVE-2022-2097: AES OCB fails to encrypt some bytes on 32-bit x86
    Resolves: CVE-2022-2097
  • Update expired certificates used in the testsuite
    Resolves: rhbz#2100554
  • Fix CVE-2022-1292: openssl: c_rehash script allows command injection
    Resolves: rhbz#2090371
  • Fix CVE-2022-2068: the c_rehash script allows command injection
    Resolves: rhbz#2098278

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Related for ELSA-2022-5818