Showing 1 - 5 of 5

CVE-2023-5363

Status Candidate

Overview

Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.

Related Files

Red Hat Security Advisory 2024-0500-03: Posted Jan 26, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0500-03 - An update for openssl is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-5363; SHA-256 | 79ea5b662faf0d46f123482b6437eccc01739ac46cb2ae34fb71fc9700d2edbd; Download | Favorite | View

Red Hat Security Advisory 2024-0310-03: Posted Jan 22, 2024; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2024-0310-03 - An update for openssl is now available for Red Hat Enterprise Linux 9.; tags | advisory; systems | linux, redhat; advisories | CVE-2023-5363; SHA-256 | d0396378dbfbc86737348e88da6a5be9ca8812adb6f269f14e35deccf3f3cee5; Download | Favorite | View

Debian Security Advisory 5532-1: Posted Oct 25, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5532-1 - Tony Battersby reported that incorrect cipher key and IV length processing in OpenSSL, a Secure Sockets Layer toolkit, may result in loss of confidentiality for some symmetric cipher modes.; tags | advisory; systems | linux, debian; advisories | CVE-2023-5363; SHA-256 | 0805665325be039bebf1106b9e5ef924fa2a8fe8807bc8c416268fe331d060a2; Download | Favorite | View

Ubuntu Security Notice USN-6450-1: Posted Oct 24, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6450-1 - Tony Battersby discovered that OpenSSL incorrectly handled key and initialization vector lengths. This could lead to truncation issues and result in loss of confidentiality for some symmetric cipher modes. Juerg Wullschleger discovered that OpenSSL incorrectly handled the AES-SIV cipher. This could lead to empty data entries being ignored, resulting in certain applications being misled. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2023-2975, CVE-2023-3817, CVE-2023-5363; SHA-256 | 2d9459c9594f7dcc383dafcaff6092d57b63e811ab043a65d9d9516541186813; Download | Favorite | View

OpenSSL Security Advisory 20231024: Posted Oct 24, 2023; Site openssl.org; OpenSSL Security Advisory 20231024 - A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.; tags | advisory, overflow; advisories | CVE-2023-5363; SHA-256 | f4d3485a23985abf9c4d8cc118c959af0f23c7e3e3cd388642bad93425715bd6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 239 files
indoushka 139 files
Ubuntu 79 files
Gentoo 33 files
Debian 26 files
Sebastian Hamann 8 files
Jann Horn 7 files
Google Security Research 6 files
Moritz Abrell 6 files
Jaggar Henry 6 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,110)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,941)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,657)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,783)
UNIX (9,443)
UnixWare (187)
Windows (6,679)
Other

CVE-2023-5363

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems