Initially, the OpenSSL team did not share many details about the vulnerability, saying only that the patch addresses a new critical vulnerability affecting the OpenSSL 3.x series.
What's New in OpenSSL v3.0.7
According to the OpenSSL 3.0.7 ChangeLog, the release contains three changes, including fixes for two buffer overflow vulnerabilities:
- Added RIPEMD160 to the default provider.
- Fixed regressions introduced in 3.0.6.
- Fixed two buffer overflows in punycode decoding functions (CVE-2022-3786 and CVE-2022-3602).
About the Vulnerabilities
According to the security advisory, the OpenSSL team fixed two high-severity buffer overflow vulnerabilities affecting OpenSSL versions 3.0.0 to 3.0.6:
- Email Address 4-byte Buffer Overflow (CVE-2022-3602)
- Email Address Variable Length Buffer Overflow (CVE-2022-3786)
The first flaw, CVE-2022-3602, was discovered and reported by Polar Bear on 17th October 2022. This is the issue the OpenSSL team originally rated Critical when it pre-announced the fix. Further analysis of the mitigating factors later led it to be downgraded to HIGH.
Email Address 4-byte Buffer Overflow (CVE-2022-3602): A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.
An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution.
Many platforms implement stack overflow protections which would mitigate the risk of remote code execution. The risk may be further mitigated based on the stack layout for any given platform/compiler.
The second vulnerability, CVE-2022-3786, was discovered by Viktor Dukhovni on 18th October 2022 while researching CVE-2022-3602. It is also classified as a High severity issue.
Email Address Variable Length Buffer Overflow (CVE-2022-3786): A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the '.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service).
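The decoder-side mechanism behind CVE-2022-3602, as an added example that is not OpenSSL's code: a compact RFC 3492 Punycode decoder written in the shape of OpenSSL's `ossl_punycode_decode()`, with a `hardened` switch that selects between the bounds check used in 3.0.0 to 3.0.6 (`written > max_out`, which lets one more insertion through when the output is already full) and the check in 3.0.7 (`written >= max_out`). The output is an array of 32-bit code points, so that one extra insertion is exactly the four-byte overrun the advisory describes. The function names, the 64-slot scratch buffer and the sample labels (`xn--bcher-kva` for "bücher", `xn--mnchen-3ya` for "münchen") are assumptions chosen for this example. CVE-2022-3786 sits in the surrounding label-to-UTF-8 conversion rather than in this routine and is not modelled here.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 3492 Bootstring parameters for Punycode. */
enum { BASE = 36, TMIN = 1, TMAX = 26, SKEW = 38, DAMP = 700, INITIAL_BIAS = 72, INITIAL_N = 128 };

static unsigned int digit_value(char c)
{
    if (c >= 'a' && c <= 'z') return (unsigned int)(c - 'a');
    if (c >= 'A' && c <= 'Z') return (unsigned int)(c - 'A');
    if (c >= '0' && c <= '9') return (unsigned int)(c - '0') + 26;
    return BASE;                          /* not a Punycode digit */
}

static unsigned int adapt(size_t delta, size_t numpoints, int first)
{
    unsigned int k = 0;
    delta = first ? delta / DAMP : delta / 2;
    delta += delta / numpoints;
    for (; delta > (size_t)((BASE - TMIN) * TMAX / 2); k += BASE)
        delta /= BASE - TMIN;
    return k + (unsigned int)(((BASE - TMIN + 1) * delta) / (delta + SKEW));
}

/* Decode a Punycode label (the part after "xn--") into 32-bit code points.
 * max_out is the capacity the caller claims for out[]. hardened selects the
 * check made before each insertion: 0 models the 3.0.0-3.0.6 test
 * (written > max_out), 1 models the 3.0.7 test (written >= max_out).
 * Returns 1 and sets *out_len on success, 0 when the label is rejected. */
int punycode_decode(const char *enc, size_t enc_len, uint32_t *out,
                    size_t max_out, size_t *out_len, int hardened)
{
    uint32_t n = INITIAL_N;
    unsigned int bias = INITIAL_BIAS;
    size_t i = 0, written = 0, pos = 0, basic = 0, j;

    for (j = 0; j < enc_len; j++)         /* ASCII run ends at the last '-' */
        if (enc[j] == '-') basic = j;
    if (basic > 0) {
        if (basic > max_out) return 0;
        for (j = 0; j < basic; j++) {
            if ((unsigned char)enc[j] >= 0x80) return 0;
            out[written++] = (unsigned char)enc[j];
        }
        pos = basic + 1;
    }
    while (pos < enc_len) {               /* each integer inserts one point */
        size_t oldi = i, w = 1;
        unsigned int k, digit, t;
        for (k = BASE;; k += BASE) {
            if (pos >= enc_len || (digit = digit_value(enc[pos++])) >= (unsigned int)BASE)
                return 0;
            if (digit > (SIZE_MAX - i) / w) return 0;   /* integer overflow guard */
            i += digit * w;
            t = k <= bias ? TMIN : (k >= bias + TMAX ? TMAX : k - bias);
            if (digit < t) break;
            if (w > SIZE_MAX / (BASE - t)) return 0;
            w *= BASE - t;
        }
        bias = adapt(i - oldi, written + 1, oldi == 0);
        n += (uint32_t)(i / (written + 1));
        i %= written + 1;
        /* With written == max_out the old test still passes, and the insert
         * below stores one more uint32_t (4 bytes) past the claimed capacity. */
        if (hardened ? (written >= max_out) : (written > max_out))
            return 0;
        memmove(out + i + 1, out + i, (written - i) * sizeof *out);
        out[i] = n;
        i++; written++;
    }
    *out_len = written;
    return 1;
}

/* Decode into a 64-slot scratch buffer while claiming only max_out slots, so the
 * overrun is counted instead of corrupting memory. Returns the number of code
 * points stored past max_out, or -1 if the decoder rejected the label. */
int codepoints_past_bound(const char *label, size_t max_out, int hardened)
{
    uint32_t scratch[64]; size_t len = 0;
    if (max_out >= 64 ||
        !punycode_decode(label, strlen(label), scratch, max_out, &len, hardened))
        return -1;
    return len > max_out ? (int)(len - max_out) : 0;
}

/* Hardened decode of label; returns code point idx, or 0 on failure. */
uint32_t decoded_codepoint(const char *label, size_t idx)
{
    uint32_t scratch[64]; size_t len = 0;
    if (!punycode_decode(label, strlen(label), scratch, 64, &len, 1) || idx >= len)
        return 0;
    return scratch[idx];
}

int main(void)
{
    /* Constructed input: "xn--bcher-kva" is "bücher", six code points. */
    printf("capacity 5, old check: %d past the bound; new check: %d (-1 = rejected)\n",
           codepoints_past_bound("bcher-kva", 5, 0), codepoints_past_bound("bcher-kva", 5, 1));
    return 0;
}
```

Build with `cc -Wall example.c`. With a claimed capacity of 5 the old check reports one code point, four bytes, stored past the bound, while the new check rejects the same label. In OpenSSL the destination is a fixed-size array on the stack in the name-constraint checking path, which is why the advisory speaks of attacker-controlled bytes on the stack; the scratch buffer here absorbs the overrun so the example stays memory-safe while still showing the off-by-one.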
Who is Affected?
Users running OpenSSL versions 3.0.0 to 3.0.6 are vulnerable to the above-mentioned vulnerabilities. OpenSSL 1.1.1 and 1.0.2 are not affected.
OpenSSL 3.0.7 closes the vulnerabilities that exist in versions 3.0.0 to 3.0.6. Versions prior to OpenSSL 3.0.0, which was released in September 2021, are not affected. Administrators running the 1.1.1 or 1.0.2 series of the library therefore do not need to take action.
Mitigation
As both vulnerabilities are classified as High severity, we strongly recommend that every OpenSSL 3.0 user upgrade to OpenSSL 3.0.7.
You can download the latest version of OpenSSL, or check the specific notes on upgrading to OpenSSL 3.0 from previous versions in the OpenSSL Migration Guide.
Exploit Code Released for OpenSSL Bug
In the meantime, Datadog Security Labs has published a detailed blog post along with proof-of-concept (PoC) code that crashes a Windows deployment of a vulnerable version. Regarding Linux, they noted that Linux deployments may potentially be vulnerable as well.
"Some application runtimes, such as Node.js, embed their own version of OpenSSL and need to be upgraded as well," they noted.
Datadog Security Labs was able to demonstrate that the vulnerability can be exploited to trigger a denial of service (DoS) condition on the following platforms:
- Windows 64-bit - OpenSSL 3.0.6 - Source compilation (Default Configuration)
- Windows 32-bit - OpenSSL 3.0.6 - Source compilation (Default Configuration)
HeartBleed 2.0 Shock
Because the OpenSSL team gave the issue a CRITICAL rating in its pre-announcement, rumors spread that this was a "Heartbleed 2.0".
In 2014, a critical-severity flaw named Heartbleed was disclosed that troubled Internet administrators around the world.
Heartbleed had a significant impact on operations teams worldwide, and IT infrastructure has become far more complex since then. The attack surface is much larger: rather than only examining their VMs, organizations now need to be prepared to patch all of their container images in response to an announcement like this.
Since then, the OpenSSL project has announced critical vulnerabilities with about a week's notice, which allows potentially affected parties to prepare to download and install the updates quickly once they become available.