On November 1 the OpenSSL Project released patches addressing the previously rated "Critical" vulnerability that was pre-announced last week. The "Critical" rating has been downgraded to "High."
The vulnerability was split between two CVEs (both rated "High"), CVE-2022-3786 and CVE-2022-3602. Both vulnerabilities affect how a TLS server or client verify an X.509 certificate, specifically the email address. In order to exploit the vulnerability, the attacker requires a specifically crafted X.509 certificate that contains a specially crafted email address. Upon attempting to verify the X.509 certificate, the email field can cause a memory overrun issue that can allow the attacker to crash the TLS software, potentially embedding and executing attacker-controlled code.
CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow
In the case of CVE-2022-3602, the maliciously crafted email address allows the attacker to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially allow remote code execution.
CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow
In the case of CVE-2022-3786, the maliciously crafted email address allows the attacker to overflow an arbitrary number of bytes containing the `.' character on the stack resulting in a crash/DoS attack.
In a TLS client, the vulnerability can be exploited by connecting to a server using a maliciously crafted and signed certificate. This only affects a TLS server if it uses client authentication of the TLS connection and a client with a maliciously crafted certificate connects.
The malicious certificate requires a valid CA signature in order to pass certificate chain signature verification. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution in the case of CVE-2022-3602. The OpenSSL Project is not aware of any working exploit that could lead to remote code execution, and there is no evidence of this issue being exploited as of the time of release of this advisory (November 1, 2022). 3.x versions of OpenSSL only represent ~1.5% of installations, according to Wiz Labs.
OpenSSL versions 3.0.0 to 3.0.6 are vulnerable to this issue and all OpenSSL 3.x users should upgrade to OpenSSL 3.0.7. OpenSSL 1.1.1 and 1.0.2 are not affected by this issue.
While there is no active exploit, Trustwave is currently monitoring the situation to make sure that our customers are protected against attacks targeting this vulnerability. We will update this post as more information comes in.