USN-6435-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. CVE-2023-3446 Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker...

USN-6435-1 openssl vulnerabilities

It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. CVE-2023-3446 Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker...

nodejs: DiffieHellman do not generate keys after setting a private key

A vulnerability has been identified in the Node.js, where a generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet...

The vulnerability of the implementation of TLS and SSL software developed by Mbed TLS allows a perpetrator to execute arbitrary code.

The vulnerability of the implementation of TLS and SSL software developed by Mbed TLS is related to the possibility of buffer overflow attacks. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely by sending specially crafted open ECDH or FFDH keys...

PT-2023-5756 · Mbed Tls +1 · Mbed Tls +1

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions 3.2.x through 3.4.x Description: The issue is related to a buffer overflow in Mbed TLS, which can lead to remote code execution. This occurs due to a heap-based buffer overflow vulnerability in the implementation of TLS and...

nodejs: DiffieHellman do not generate keys after setting a private key

A vulnerability has been identified in the Node.js, where a generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet...

Siemens LOGO! CMR and SIMATIC RTU 3000 Incorrect Calculation of Buffer Size (CVE-2020-36475)

An issue was discovered in Mbed TLS before 2.25.0 and before 2.16.9 LTS and before 2.7.18 LTS. The calculations performed by mbedtlsmpiexpmod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie- Hellman key pairs. This plugin only works...

K000136903: OpenSSL Diffie-Hellman vulnerability CVE-2023-3446

Security Advisory Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters tha...

CLSA-2023-1693419971 Fix CVE(s): CVE-2023-3817

SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correc...

CLSA-2023-1693419428 Fix CVE(s): CVE-2023-3817

SECURITY UPDATE: Checking excessively long DH keys or parameters may be very slow. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. - debian/patches/CVE-2023-3817.patch: Add a prior check and process only a correc...

CLSA-2023-1693418632 openssl: Fix of CVE-2023-3817

CVE-2023-3817: Add a prior check and process only correct DH keys...

CLSA-2023-1693418284 openssl: Fix of CVE-2023-3817

CVE-2023-3817: Add a prior check and process only correct DH keys...

The vulnerability of the functions DH_check(), DH_check_ex(), or EVP_PKEY_param_check() in the OpenSSL library allows a attacker to cause a service failure.

The vulnerability of the DHcheck, DHcheckex, or EVPPKEYparamcheck functions in the OpenSSL library is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

The vulnerabilities of the functions DH_check(), DH_check_ex(), and EVP_PKEY_param_check() in the OpenSSL library allow a attacker to cause a service failure.

The vulnerabilities of the functions DHcheck, DHcheckex, and EVPPKEYparamcheck in the OpenSSL library are related to excessive iteration. Exploiting these vulnerabilities can allow a remote attacker to cause service failures...

OESA-2023-1481 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHchec...

PT-2025-49677

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's crypto/lib/mpi module, specifically within the mpi cmp ui function, which can lead to a null pointer dereference. This issue occurs during NVMeTCP...

openssh security update

7.4p1-23.0.1fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug: 32461739 7.4p1-23.0.1 - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without...

nodejs: DiffieHellman do not generate keys after setting a private key

A vulnerability has been identified in the Node.js, where a generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet...

nodejs: DiffieHellman do not generate keys after setting a private key

A vulnerability has been identified in the Node.js, where a generateKeys API function returned from crypto.createDiffieHellman only generates missing or outdated keys, that is, it only generates a private key if none has been set yet...

Excessive time spent checking DH q parameter value

...