Skip to content

OSG-SEC-2022-03-16 HIGH Severity DOS Vulnerability in OpenSSL

Dear OSG Security Contacts,

A function in OpenSSL contains a bug that can be used by attackers to cause an infinite loop, resulting in a denial-of-service (DOS) attack against vulnerable hosts.

IMPACTED VERSIONS:

This issue affects OpenSSL versions 1.0.2, 1.1.0, 1.1.1 and 3.0.

WHAT ARE THE VULNERABILITIES:

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. [1]

Vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters

WHAT YOU SHOULD DO:

Update to a patched version of OpenSSL

  • (OpenSSL 1.0.2) This version is out of support and no longer receiving public updates. Extended support to upgrade to 1.0.2zd is available for premium support customers: https://www.openssl.org/support/contracts.html. Other users should upgrade to 1.1.1n or 3.0.2.

  • (OpenSSL 1.1.0) This version is out of support and no longer receiving updates of any kind. Users should upgrade to 1.1.1n or 3.0.2.

  • (OpenSSL 1.1.1) Users should upgrade to 1.1.1n

  • (OpenSSL 3.0) Users should upgrade to 3.0.2

REFERENCES

[1] https://www.openssl.org/news/secadv/20220315.txt

Please contact the OSG security team at [email protected] if you have any questions or concerns.

OSG Security Team