CVE-2024-0727

Source: ubuntu.com
ID: UB:CVE-2024-0727
Published: Jan 26, 2024 - 12:00 a.m.
Tags: openssl, pkcs12, null pointer, vulnerability, denial of service

CVSS3: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

AI Score: 6.2
Confidence: Low

EPSS: 0.002
Percentile: 61.1%

Issue summary: Processing a maliciously formatted PKCS12 file may lead
OpenSSL to crash leading to a potential Denial of Service attack.

Impact summary: Applications loading files in the PKCS12 format from
untrusted sources might terminate abruptly.

A file in PKCS12 format can contain certificates and keys and may come from
an untrusted source. The PKCS12 specification allows certain fields to be
NULL, but OpenSSL does not correctly check for this case. This can lead to a
NULL pointer dereference that results in OpenSSL crashing. If an application
processes PKCS12 files from an untrusted source using the OpenSSL APIs then
that application will be vulnerable to this issue.

OpenSSL APIs that are vulnerable to this are: PKCS12_parse(),
PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes()
and PKCS12_newpass().

We have also fixed a similar issue in SMIME_write_PKCS7(). However since this
function is related to writing data we do not consider it security
significant.

The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.
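
One way to contain the crash described above is to parse untrusted PKCS12 input in a child process and treat death by signal as a verdict instead of an outage. This is an added example, not code from Ubuntu or the OpenSSL project; the name probe_pkcs12, its verdict strings and the use of the openssl command-line tool as the parser are assumptions.

```python
import signal
import subprocess
import sys


def probe_pkcs12(path, password="", parser_cmd=None, timeout=10):
    """Parse an untrusted PKCS12 file in a child process, never in-process.

    Returns (verdict, detail); verdict is "ok", "rejected" (parser reported
    an error), "crashed" (child killed by a signal, as a NULL pointer
    dereference would cause) or "timeout".
    """
    if parser_cmd is None:
        # Assumption: the openssl CLI is on PATH. -noout parses the file
        # without emitting keys; the password goes over stdin, not argv.
        parser_cmd = ["openssl", "pkcs12", "-in", path, "-noout",
                      "-passin", "stdin"]
    try:
        proc = subprocess.run(parser_cmd, input=(password + "\n").encode(),
                              capture_output=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return "timeout", "no result after %ss" % timeout
    if proc.returncode == 0:
        return "ok", ""
    if proc.returncode < 0:
        # POSIX: a negative return code is the number of the fatal signal.
        sig = -proc.returncode
        try:
            return "crashed", signal.Signals(sig).name
        except ValueError:
            return "crashed", "signal %d" % sig
    return "rejected", proc.stderr.decode(errors="replace").strip()


# Constructed stand-ins for a parser, so the demo runs without any PKCS12 file.
CRASHING_CHILD = [sys.executable, "-c",
                  "import os, signal; os.kill(os.getpid(), signal.SIGSEGV)"]
FAILING_CHILD = [sys.executable, "-c",
                 "import sys; sys.stderr.write('parse error'); sys.exit(1)"]

if __name__ == "__main__":
    for name, cmd in (("crash", CRASHING_CHILD), ("error", FAILING_CHILD)):
        print(name, probe_pkcs12("unused.p12", parser_cmd=cmd))
```

A "crashed" verdict should fail the import closed and be logged, since the same file would have terminated an in-process parser.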

Notes

Author Note
Priority reason: Upstream OpenSSL developers have rated this to be a low severity issue
