Description
CVE-2023-6237 found in deb/debian/[email protected]~deb12u2
Important
Risk: 1.90 (Low)
CVSS: 5.9
Description
Issue summary: Checking excessively long invalid RSA public keys may take
a long time.
Impact summary: Applications that use the function EVP_PKEY_public_check()
to check RSA public keys may experience long delays. Where the key that
is being checked has been obtained from an untrusted source this may lead
to a Denial of Service.
When function EVP_PKEY_public_check() is called on RSA public keys,
a computation is done to confirm that the RSA modulus, n, is composite.
For valid RSA keys, n is a product of two or more large primes and this
computation completes quickly. However, if n is an overly large prime,
then this computation would take a long time.
An application that calls EVP_PKEY_public_check() and supplies an RSA key
obtained from an untrusted source could be vulnerable to a Denial of Service
attack.
The function EVP_PKEY_public_check() is not called from other OpenSSL
functions however it is called from the OpenSSL pkey command line
application. For that reason that application is also vulnerable if used
with the '-pubin' and '-check' options on untrusted data.
The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
Affected component
The vulnerability is in pkg:deb/debian/[email protected]~deb12u2, detected by github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning, github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning:test.
Recommended fix
No fix is available.
Additional guidance for mitigating vulnerabilities
Visit our guides on devguard.org
See more details...
Path to component
%%{init: { 'theme':'base', 'themeVariables': {
'primaryColor': '#F3F3F3',
'primaryTextColor': '#0D1117',
'primaryBorderColor': '#999999',
'lineColor': '#999999',
'secondaryColor': '#ffffff',
'tertiaryColor': '#ffffff'
} }}%%
flowchart TD
root(["root"]) --- github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning"])
github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning"]) --- debian_12_7(["debian\@12.7"])
debian_12_7(["debian\@12.7"]) --- debian_ca_certificates(["debian/ca-certificates"])
debian_ca_certificates(["debian/ca-certificates"]) --- debian_openssl(["debian/openssl"])
root(["root"]) --- github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning_test(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning:test"])
github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning_test(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning:test"]) --- debian_12_7(["debian\@12.7"])
classDef default stroke-width:2px
| Risk Factor | Value | Description |
|---|---|---|
| Vulnerability Depth | 1 |
The vulnerability is in a direct dependency of your project. |
| EPSS | 0.04 % |
The exploit probability is very low. The vulnerability is unlikely to be exploited in the next 30 days. |
| EXPLOIT | Not available |
We did not find any exploit available. Neither in GitHub repositories nor in the Exploit-Database. There are no script kiddies exploiting this vulnerability. |
| CVSS-BE | 4.1 |
- Exploiting this vulnerability significantly impacts availability. |
| CVSS-B | 5.9 |
- The vulnerability can be exploited over the network without needing physical access. - It is difficult for an attacker to exploit this vulnerability and may require special conditions. - An attacker does not need any special privileges or access rights. - No user interaction is needed for the attacker to exploit this vulnerability. - The impact is confined to the system where the vulnerability exists. - There is a high impact on the availability of the system. |
More details can be found in DevGuard
Interact with this vulnerability
You can use the following slash commands to interact with this vulnerability:
👍 Reply with this to acknowledge and accept the identified risk.
/accept I accept the risk of this vulnerability, because ...
⚠️ Mark the risk as false positive: Use one of these commands if you believe the reported vulnerability is not actually a valid issue.
/component-not-present The vulnerable component is not included in the artifact.
/vulnerable-code-not-present The component is present, but the vulnerable code is not included or compiled.
/vulnerable-code-not-in-execute-path The vulnerable code exists, but is never executed at runtime.
/vulnerable-code-cannot-be-controlled-by-adversary Built-in protections prevent exploitation of this vulnerability.
/inline-mitigations-already-exist The vulnerable code cannot be controlled or influenced by an attacker.
🔁 Reopen the risk: Use this command to reopen a previously closed or accepted vulnerability.
/reopen ...