Launchpad.net

CVE 2022-3996

If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Update (31 March 2023): The description of the policy processing enablement was corrected based on CVE-2023-0466.

Related bugs and status

CVE-2022-3996 (Candidate) is related to these bugs:

Bug #1998942: openssl: merge 3.0.7-1 from Debian unstable

Summary				In	Importance	Status
	1998942	openssl: merge 3.0.7-1 from Debian unstable		openssl (Ubuntu)	Undecided	Fix Released

Bug #1999139: Outdate version check for restart in libssl3.postinst

Summary				In	Importance	Status
	1999139	Outdate version check for restart in libssl3.postinst		openssl (Ubuntu)	Undecided	Fix Released

Bug #2007730: Unpatched CVE in Jammy

Summary				In	Importance	Status
	2007730	Unpatched CVE in Jammy		openssl (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://www.openssl.or...
MISC: https://github.com/ope...