Two new vulnerabilities in the popular open source library OpenSSL could theoretically lead to remote code execution (RCE) and denial of service, although they are less severe than initially anticipated.
The developers downgraded the status of the much-anticipated software flaws from critical to high severity after additional analysis.
It was rumored that they could be as bad as 2014’s Heartbleed, the most notorious flaw to date in the near-ubiquitous open source toolkit used to encrypt much of the traffic flowing over the internet.
CVE-2022-3602 is described as an “X.509 email address 4-byte buffer overflow” vulnerability.
“An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution,” the OpenSSL team wrote.
“In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.”
However, OpenSSL developers noted that they had downgraded the severity of the above bug because “many platforms implement stack overflow protections which would mitigate against the risk of RCE.”
They added that this risk could be further mitigated “based on stack layout for any given platform/compiler.”
A second vulnerability was discovered while researchers were working on the first.
CVE-2022-3786 is an “X.509 email address variable length buffer overflow” issue that, like the first, is exposed during X.509 certificate verification, specifically in name constraint checking.
However, it can only be leveraged to cause denial of service (DoS), not RCE, OpenSSL confirmed.
Both vulnerabilities affect OpenSSL 3.0.0 through 3.0.6 and are fixed in 3.0.7; the 1.1.1 and 1.0.2 branches do not contain the affected code. That limits their impact, as most organizations have yet to migrate to the 3.0 series. Those that have may still find it challenging to locate every copy, since OpenSSL is frequently shipped inside applications as a statically linked library, a vendored dependency or a DLL rather than installed through the system package manager.
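The inventory problem described above is the practical first step before patching. The script below is an added example written for this page, not a tool from the OpenSSL project: it checks the `openssl` binary on PATH, then greps shared libraries for the version banner that libcrypto embeds, and flags anything in the 3.0.0 to 3.0.6 range. The default directory list and the library file-name patterns are assumptions; adjust them for the host being checked.

```shell
#!/bin/sh
# Added illustration for this article (not OpenSSL project code): inventory the
# copies of OpenSSL on a host and flag those in the range affected by
# CVE-2022-3602 / CVE-2022-3786, i.e. 3.0.0 through 3.0.6 (fixed in 3.0.7).
# The directory list and file-name patterns below are assumptions; adjust them
# for the host you are checking.

# Return success when a version string belongs to an affected 3.0.x release.
# Tolerates suffixes such as "3.0.6-dev". 1.1.1 and 1.0.2 are never flagged
# because they do not contain the affected code.
openssl_is_affected() {
    v=$(printf '%s' "$1" | sed -n 's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2 \3/p')
    [ -n "$v" ] || return 1
    set -- $v
    [ "$1" -eq 3 ] && [ "$2" -eq 0 ] && [ "$3" -le 6 ]
}

# Print one line describing whether a given copy needs patching.
report() {
    where="$1"; ver="$2"
    if openssl_is_affected "$ver"; then
        printf 'AFFECTED  %s  OpenSSL %s  (upgrade to 3.0.7 or later)\n' "$where" "$ver"
    else
        printf 'ok        %s  OpenSSL %s\n' "$where" "$ver"
    fi
}

# Version of the openssl command-line tool on PATH, if there is one.
check_cli() {
    if ! command -v openssl >/dev/null 2>&1; then
        echo "no openssl binary on PATH"
        return 0
    fi
    ver=$(openssl version 2>/dev/null | awk '$1 == "OpenSSL" { print $2 }')
    if [ -z "$ver" ]; then
        echo "openssl on PATH is not OpenSSL (LibreSSL or BoringSSL?)"
        return 0
    fi
    report "$(command -v openssl)" "$ver"
}

# Extract the embedded version banner from a binary or shared library.
# libcrypto, and any program that links it statically, carries a string such
# as "OpenSSL 3.0.2 15 Mar 2022", so a grep over the file finds copies the
# package manager does not know about.
embedded_version() {
    grep -a -o 'OpenSSL [0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*[A-Za-z0-9.-]*' "$1" 2>/dev/null |
        head -n 1 | awk '{ print $2 }'
}

# Walk the given directories looking for OpenSSL libraries (Linux .so and
# Windows .dll names, an assumed pattern list) and report each one.
scan_dirs() {
    for dir in "$@"; do
        find "$dir" -type f \( -name 'libcrypto*.so*' -o -name 'libssl*.so*' \
                               -o -name 'libcrypto*.dll' -o -name 'libssl*.dll' \) 2>/dev/null |
        while IFS= read -r lib; do
            ver=$(embedded_version "$lib")
            [ -n "$ver" ] && report "$lib" "$ver"
        done
    done
}

main() {
    check_cli
    # Default locations are an assumption; pass application directories
    # (for example /opt/myapp) as arguments to cover bundled copies.
    if [ $# -eq 0 ]; then
        set -- /usr/lib /usr/lib64 /usr/local/lib
    fi
    scan_dirs "$@"
}

main "$@"
```

Statically linked applications carry no separate libcrypto file, so for those run `embedded_version` directly against the executable (for example `embedded_version /opt/myapp/bin/server`). A match only tells you which OpenSSL release was compiled in; whether the code path is reachable depends on whether that program verifies peer certificates as a TLS client or requests client certificates as a server, which is the trigger condition given in the advisory.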
That said, most experts agree that the chances of exploitability are low.
“The vulnerability requires a malformed certificate that is trusted or signed by a naming authority,” argued Sonatype CTO Brian Fox. “That means that [certificate] authorities should be able to quickly prevent certificates designed to target this vulnerability from being created, further limiting the scope.”
Sophos APAC head of technology, Paul Ducklin, pointed to additional reasons why security teams can breathe a slight sigh of relief.
“The original bug only allows an attacker to corrupt four bytes on the stack, which limits the exploitability of the hole, while the second bug allows an unlimited amount of stack overflow, but apparently only of the ‘dot’ character (ASCII 46, or 0x2E) repeated over and over again,” he said.
However, organizations should still prioritize patching affected OpenSSL versions.
“Although these sorts of stack overflow (one of limited size and the other of limited data values) sound as though they will be hard to exploit for code execution (especially in 64-bit software, where four bytes is only half of a memory address), they are almost certain to be easily exploitable for DoS attacks, where the sender of a rogue certificate could crash the recipient of that certificate at will,” Ducklin argued.
OpenSSL said there had been no known exploits published at the time of writing.