Overview
About vulnerability
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup.
Policy processing is enabled by passing the -policy' argument to the command line utilities or by calling the X509_VERIFY_PARAM_set1_policies()’ function.
Update (31 March 2023): The description of the policy processing enablement was corrected based on CVE-2023-0466.
Details
- Affected product:
- AlmaLinux 9.2 ESU , CentOS 6 ELS , CentOS 8.4 ELS , CentOS 8.5 ELS , CloudLinux 6 ELS , Debian 10 , Debian 11 , Debian 12 , Debian 13 , EL 7 , EL 8 , EL 9 , Oracle Linux 6 ELS , Ubuntu 16.04 , Ubuntu 16.04 ELS , Ubuntu 18.04 , Ubuntu 18.04 ELS , Ubuntu 20.04 , Ubuntu 22.04 , Ubuntu 24.04
- Affected packages:
- openssl @ 1.1.1 (+20 more)
If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup.
Policy processing is enabled by passing the -policy' argument to the command line utilities or by calling the X509_VERIFY_PARAM_set1_policies()’ function.
Update (31 March 2023): The description of the policy processing enablement was corrected based on CVE-2023-0466.