Skip to content

Commit 99a3865

Browse files
amoussetamousset
authored
Add CVE-2022-3358 for openssl-src (#1433)
1 parent 842d34e commit 99a3865

1 file changed

Lines changed: 40 additions & 0 deletions

File tree

crates/openssl-src/RUSTSEC-0000-0000.md

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
```toml
2+
[advisory]
3+
id = "RUSTSEC-0000-0000"
4+
package = "openssl-src"
5+
aliases = ["CVE-2022-3358"]
6+
categories = ["crypto-failure"]
7+
date = "2022-10-11"
8+
url = "https://www.openssl.org/news/secadv/20221011.txt"
9+
10+
[versions]
11+
patched = [">= 300.0.10"]
12+
unaffected = ["< 300.0.0"]
13+
```
14+
15+
# Using a Custom Cipher with `NID_undef` may lead to NULL encryption
16+
17+
OpenSSL supports creating a custom cipher via the legacy `EVP_CIPHER_meth_new()`
18+
function and associated function calls. This function was deprecated in OpenSSL
19+
3.0 and application authors are instead encouraged to use the new provider
20+
mechanism in order to implement custom ciphers.
21+
22+
OpenSSL versions 3.0.0 to 3.0.5 incorrectly handle legacy custom ciphers passed
23+
to the `EVP_EncryptInit_ex2()`, `EVP_DecryptInit_ex2()` and `EVP_CipherInit_ex2()`
24+
functions (as well as other similarly named encryption and decryption
25+
initialisation functions). Instead of using the custom cipher directly it
26+
incorrectly tries to fetch an equivalent cipher from the available providers.
27+
An equivalent cipher is found based on the NID passed to `EVP_CIPHER_meth_new()`.
28+
This NID is supposed to represent the unique NID for a given cipher. However it
29+
is possible for an application to incorrectly pass `NID_undef` as this value in
30+
the call to `EVP_CIPHER_meth_new()`. When `NID_undef` is used in this way the
31+
OpenSSL encryption/decryption initialisation function will match the NULL cipher
32+
as being equivalent and will fetch this from the available providers. This will
33+
succeed if the default provider has been loaded (or if a third party provider
34+
has been loaded that offers this cipher). Using the NULL cipher means that the
35+
plaintext is emitted as the ciphertext.
36+
37+
Applications are only affected by this issue if they call `EVP_CIPHER_meth_new()`
38+
using `NID_undef` and subsequently use it in a call to an encryption/decryption
39+
initialisation function. Applications that only use SSL/TLS are not impacted by
40+
this issue.

0 commit comments

Comments
 (0)