Vulnerability Change Records for CVE-2022-3786

Change History

CVE Modified by OpenSSL Software Foundation 11/04/2022 8:15:17 AM

Action Type Old Value New Value

Changed Description
  Old Value: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).
  New Value: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.

Added Reference
  New Value: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=c42165b5706e42f67ef8ef4c351a9a4c5d21639a [No Types Assigned]
Removed Reference
  Old Value: http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/15 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/16 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/17 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/18 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/19 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/20 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/21 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/01/24 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/1 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/10 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/11 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/12 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/13 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/14 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/15 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/2 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/3 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/5 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/6 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/7 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/02/9 [Mailing List, Third Party Advisory]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/1 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/10 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/11 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/2 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/3 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/5 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/6 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/7 [No Types Assigned]

Removed Reference
  Old Value: http://www.openwall.com/lists/oss-security/2022/11/03/9 [No Types Assigned]

Removed Reference
  Old Value: https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=c42165b5706e42f67ef8ef4c351a9a4c5d21639a [No Types Assigned]

Removed Reference
  Old Value: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/ [No Types Assigned]

Removed Reference
  Old Value: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/ [No Types Assigned]

Removed Reference
  Old Value: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023 [Third Party Advisory]

Removed Reference
  Old Value: https://security.gentoo.org/glsa/202211-01 [Issue Tracking, Third Party Advisory]

Removed Reference
  Old Value: https://security.netapp.com/advisory/ntap-20221102-0001/ [No Types Assigned]

Removed Reference
  Old Value: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-W9sdCc2a [Third Party Advisory]

Removed Reference
  Old Value: https://www.kb.cert.org/vuls/id/794340 [No Types Assigned]
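The description recorded above says the overflow consists of "an arbitrary number of bytes containing the `.' character", written while a crafted email address is processed during name constraint checking. The following C program is an added illustration of that bug class written for this page; it is not OpenSSL's own code and does not reproduce its functions. It assumes a fixed-size output buffer (CAP), a label copier standing in for punycode decoding (decode_label), and two constructed routines, join_labels_vulnerable and join_labels_fixed, that split the dotted host part of an address and write the labels and their '.' separators back. In the vulnerable routine only label content is bounds-checked, so once the buffer is full each further label still emits one unchecked '.' past the end. The harness (overrun_for, with a constructed "a.a.a..." address) measures the overrun against sentinel bytes rather than smashing a real stack frame.

```c
#include <stdio.h>
#include <string.h>

/* Added illustrative model of the CVE-2022-3786 bug class, NOT OpenSSL's code.
 * Labels of the dotted host part are "decoded" into a fixed-size buffer and the
 * '.' separator is written back between them. Once the buffer is full, label
 * content is dropped, but the vulnerable variant still writes every separator. */

#define CAP   16   /* assumed capacity of the fixed-size output buffer        */
#define SLACK 64   /* sentinel bytes after CAP so the overrun can be measured */
typedef size_t (*join_fn)(const char *, char *, size_t);

/* Stand-in for punycode decoding: copy the label if it fits, else write nothing. */
static size_t decode_label(const char *label, size_t len, char *out, size_t room)
{
    if (len > room)
        return 0;
    memcpy(out, label, len);
    return len;
}

/* Vulnerable pattern: label content is bounds-checked, the separator is not. */
size_t join_labels_vulnerable(const char *email, char *out, size_t cap)
{
    size_t written = 0;
    const char *p = email;
    for (;;) {
        const char *dot = strchr(p, '.');
        size_t len = dot ? (size_t)(dot - p) : strlen(p);
        if (written < cap)
            written += decode_label(p, len, out + written, cap - written);
        if (dot == NULL)
            break;
        out[written++] = '.';   /* BUG: no check that written < cap */
        p = dot + 1;
    }
    return written;
}

/* Hardened pattern: the separator is subject to the same capacity check. */
size_t join_labels_fixed(const char *email, char *out, size_t cap)
{
    size_t written = 0;
    const char *p = email;
    for (;;) {
        const char *dot = strchr(p, '.');
        size_t len = dot ? (size_t)(dot - p) : strlen(p);
        if (written < cap)
            written += decode_label(p, len, out + written, cap - written);
        if (dot == NULL || written >= cap)
            break;              /* no room for '.': stop instead of overrunning */
        out[written++] = '.';
        p = dot + 1;
    }
    return written;
}

/* Constructed input: n one-character labels joined by '.', e.g. n = 3 -> "a.a.a". */
static void make_dotted_address(char *dst, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++) {
        dst[2 * i] = 'a';
        dst[2 * i + 1] = (i + 1 < n) ? '.' : '\0';
    }
}

/* Run fn on an n-label address against a CAP-byte buffer followed by SLACK
 * sentinel bytes; returns how many sentinels were clobbered ((size_t)-1 on bad n). */
size_t overrun_for(join_fn fn, size_t n, size_t *written)
{
    char addr[2 * 64], buf[CAP + SLACK];
    size_t i, w, clobbered = 0;
    if (n == 0 || n > 64)       /* keeps the worst-case overrun inside buf */
        return (size_t)-1;
    make_dotted_address(addr, n);
    memset(buf, 'X', sizeof(buf));
    w = fn(addr, buf, CAP);
    if (written != NULL)
        *written = w;
    for (i = CAP; i < sizeof(buf); i++)
        if (buf[i] != 'X')
            clobbered++;
    return clobbered;
}

int main(void)
{
    size_t w_vuln = 0, w_fixed = 0;
    size_t o_vuln = overrun_for(join_labels_vulnerable, 40, &w_vuln);
    size_t o_fixed = overrun_for(join_labels_fixed, 40, &w_fixed);
    printf("vulnerable: %zu bytes written, %zu past the %d-byte buffer\n", w_vuln, o_vuln, CAP);
    printf("fixed:      %zu bytes written, %zu past the %d-byte buffer\n", w_fixed, o_fixed, CAP);
    return 0;
}
```

With a 40-label address the vulnerable routine fills the 16-byte buffer after eight labels and then writes one '.' per remaining label, 31 bytes past the end; the hardened routine stops at 16 bytes. The check that matters is the one applied to the separator write, not only to the decoded label bytes.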