Checking excessively long DSA keys or parameters may be very slow

OpenSSL contains an unbounded computation flaw when performing checks on excessively large DSA keys or parameters, which could lead to a denial-of-service DoS attack. The OpenSSL pkey, pkeyparam command line apps, and FIPS providers are affected...

AZL-78534 CVE-2024-4603 affecting package openssl-fips-provider 3.1.2-1

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

FreeBSD : OpenSSL -- Excessive time spent checking DH q parameter value (bad6588e-2fe0-11ee-a0d1-84a93843eb75)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bad6588e-2fe0-11ee-a0d1-84a93843eb75 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openssl-1_1 (SUSE-SU-2023:2962-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2962-1 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:...

CVE-2023-3446

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been...