The first: This isn’t Heartbleed redux [298 words].
What bugs were fixed: OpenSSL version 3.0.7 fixes two “high” severity vulnerabilities in OpenSSL versions 3.0.0 to 3.0.6. The vulnerabilities are CVE-2022-3786 an X.509 Email Address Variable Length Buffer Overflow and CVE-2022-3602, an X.509 Email Address 4-byte Buffer Overflow. The bugs are tied to a punycode decoding functionality for expressing non-ASCII characters in domain names.
The OpenSSL Project originally assessed CVE-2022-3602 as “critical” because it could potentially enable remote code execution. But it decided to downgrade the vulnerability to “high” based on feedback from industry stakeholders that tested the vulnerability.
What’s affected: Any OpenSSL 3.0 app that verifies X.509 certificates from untrusted sources are potentially vulnerable. “This includes TLS clients, and TLS servers that are configured to use TLS client authentication,” the OpenSSL project team said
SANS has assessed that while CVE-2022-3602 could potentially enable RCE remote the requirements for triggering it are not trivial. The vulnerability is not generally exploitable against servers, but it may be if the server requests a certificate from the client, SANS said,
Recommended action: Patch quickly when updates are available. But no further immediate action is required. There is no need to replace TLS server certificates.
Given the fact the vulnerability is primarily client-side, requires the malicious certificate to be signed by a trusted CA (or the user to ignore the warning), and is complex to exploit, I estimate a low chance of seeing in-the-wild exploitation—Security researcher Marcus Hutchins
Potential mitigation for users that can’t immediately update to OpenSSL v 3.0.7: Consider disabling TLS client authentication till the fix can be applied.
Are the vulnerabilities being exploited: There has been no sign yet of exploit activity targeting the flaws.
Further reading
