CVE-2022-3602

Description from NVD

A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution. Many platforms implement stack overflow protections which would mitigate against the risk of remote code execution. The risk may be further mitigated based on stack layout for any given platform/compiler. Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. Fixed in OpenSSL 3.0.7 (Affected 3.0.0,3.0.1,3.0.2,3.0.3,3.0.4,3.0.5,3.0.6).

Information Acquisition Date:2022-11-30T14:58Z
CVSS 2.0: 0.0 None CVSS 3.x: 7.5 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

NVD References

 https://www.openssl.org/news/secadv/20221101.txt
     source:CONFIRM
     tags:Vendor Advisory    
 [oss-security] 20221101 OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 20221028 Vulnerabilities in OpenSSL Affecting Cisco Products: November 2022
     source:CISCO
     tags:Third Party Advisory    
 GLSA-202211-01
     source:GENTOO
     tags:Issue Tracking    Third Party Advisory    
 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0023
     source:CONFIRM
     tags:Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221101 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: Fwd: Node.js security updates for all active release lines, November 2022
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 http://packetstormsecurity.com/files/169687/OpenSSL-Security-Advisory-20221101.html
     source:MISC
     tags:Third Party Advisory    VDB Entry    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 https://security.netapp.com/advisory/ntap-20221102-0001/
     source:CONFIRM
     tags:Third Party Advisory    
 VU#794340
     source:CERT-VN
     tags:Third Party Advisory    US Government Resource    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221102 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221103 Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 [oss-security] 20221103 Re: Re: OpenSSL X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602), X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)
     source:MLIST
     tags:Mailing List    Third Party Advisory    
 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/63YRPWPUSX3MBHNPIEJZDKQT6YA7UF6S/
     source:MISC
     tags:Mailing List    Third Party Advisory    
 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWP23EZYOBDJQP7HP4YU7W2ABU2YDITS/
     source:MISC
     tags:Mailing List    Third Party Advisory    
 http://www.openwall.com/lists/oss-security/2022/11/03/11
     source:MISC
     tags:Mailing List    Third Party Advisory    
 http://www.openwall.com/lists/oss-security/2022/11/03/10
     source:MISC
     tags:Mailing List    Third Party Advisory    
 http://www.openwall.com/lists/oss-security/2022/11/03/9
     source:MISC
     tags:Mailing List    Third Party Advisory    
 https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fe3b639dc19b325846f4f6801f2f4604f56e3de3
     source:MISC
     tags:Broken Link    Third Party Advisory    

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Apple(1 tweets) BIND(1 tweets) Exchange(1 tweets) Java(3 tweets) Linux(13 tweets) OpenSSL(794 tweets) PHP(1 tweets) Unix(1 tweets) VMware(30 tweets) VPN(14 tweets) Windows(7 tweets) iOS(8 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://lnkd130
https://www.openssl.org/news/cl30.txt129
https://cvetrends.com49
https://github.com/openssl/openssl/commit/fe3b639dc19b32584...37
http://twinybots.ch26
https://lists.astaro.com/ASGV9-IPS-rules.html#020
https://securitylabs.datadoghq.com/articles/openssl-novembe...20
https://nakedsecurity.sophos.com/19
https://blogs.vmware.com/security/2022/11/vmware-response-t...16
https://allsoftwaresucks.blogspot.com/2022/11/why-cve-2022-...12
https://www.jpcert.or.jp/at/2022/at220030.html11
https://www.ipa.go.jp/security/ciadr/vul/alert20221102.html10
https://vuldb.com/?exploits.2022119
https://www.snort.org/downloads7
https://www.splunk.com/en_us/blog/security/nothing-puny-abo...7
https://security.sios.com/vulnerability/openssl-security-vu...6
https://thehackernews.com/2022/11/just-in-openssl-releases-...6
https://news.ycombinator.com/item?id=334232716
https://opsmtrs.com/3fTgB6p5
https://www.rapid7.com/blog/post/2022/11/01/cve-2022-3786-a...5
https://access.redhat.com/security/vulnerabilities/RHSB-202...5
https://rssfeeds.cloudsite.builders/2022/11/02/cve-2022-360...5
https://b.hatena.ne.jp/entry/s/www.openssl.org/blog/blog/20...4
https://www.helpnetsecurity.com/2022/11/01/high-severity-op...4
https://security-tracker.debian.org/tracker/CVE-2022-36024
http://ow.ly/zvz750LsE0K3
https://xtra.li/3heHVQc3
https://cve.report/CVE-2022-36023
https://sysdig.com/blog/stop-openssl-vulnerability-cve-37863
https://ubuntu.com/security/CVE-2022-36023
http://openssl.org3
https://twitter.com/TheHackersNews/status/15874811937205985333
https://www.cve.org/CVERecord?id=CVE-2022-37863
https://isc.sans.edu/diary/rss/292083
http://Checkmarx.com3
https://go.trellix.com/3UbKHnk3
https://mta.openssl.org/pipermail/openssl-announce/2022-Nov...3
https://news.google.com/__i/rss/rd/articles/CBMicGh0dHBzOi8...3
https://tweetedtimes.com/seclabor?s=tnp3
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-...3
https://blog.checkpoint.com/2022/11/01/openssl-vulnerabilit...3
https://blog.cloudflare.com/cloudflare-is-not-affected-by-t...3
https://securityonline.info/cve-2022-3602-openssl-remote-co...3
https://securityboulevard.com/2022/11/what-the-openssl-vuln...3
https://www.bleepingcomputer.com/news/security/openssl-fixe...3
https://unit42.paloaltonetworks.com/openssl-vulnerabilities3

▼ Show Information from Twitter(1143)


List of frequently cited URLs

URLNum of Times Referred to
lnkd130
www.openssl.org129
cvetrends.com49
github.com37
twinybots.ch26
lists.astaro.com20
securitylabs.datadoghq.com20
nakedsecurity.sophos.com19
blogs.vmware.com16
allsoftwaresucks.blogspot.com12
www.jpcert.or.jp11
www.ipa.go.jp10
vuldb.com9
www.snort.org7
www.splunk.com7
security.sios.com6
thehackernews.com6
news.ycombinator.com6
opsmtrs.com5
www.rapid7.com5
access.redhat.com5
rssfeeds.cloudsite.builders5
b.hatena.ne.jp4
www.helpnetsecurity.com4
security-tracker.debian.org4
ow.ly3
xtra.li3
cve.report3
sysdig.com3
ubuntu.com3
openssl.org3
twitter.com3
www.cve.org3
isc.sans.edu3
Checkmarx.com3
go.trellix.com3
mta.openssl.org3
news.google.com3
tweetedtimes.com3
www.trustwave.com3
blog.checkpoint.com3
blog.cloudflare.com3
securityonline.info3
securityboulevard.com3
www.bleepingcomputer.com3
unit42.paloaltonetworks.com3

▼ Show Information from Twitter(1143)


GitHub Search Results: Up to 10
NameURL
NCSC-NL/OpenSSL-2022 https://github.com/NCSC-NL/OpenSSL-2022
colmmacc/CVE-2022-3602 https://github.com/colmmacc/CVE-2022-3602
rbowes-r7/cve-2022-3602-and-cve-2022-3786-openssl-poc https://github.com/rbowes-r7/cve-2022-3602-and-cve-2022-3786-openssl-poc
eatscrayon/CVE-2022-3602-poc https://github.com/eatscrayon/CVE-2022-3602-poc
attilaszia/cve-2022-3602 https://github.com/attilaszia/cve-2022-3602
corelight/CVE-2022-3602 https://github.com/corelight/CVE-2022-3602
cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786 https://github.com/cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786
alicangnll/SpookySSL-Scanner https://github.com/alicangnll/SpookySSL-Scanner
fox-it/spookyssl-pcaps https://github.com/fox-it/spookyssl-pcaps
hi-artem/find-spooky-prismacloud https://github.com/hi-artem/find-spooky-prismacloud

GitHub Search Results: Up to 10
NameURL
NCSC-NL/OpenSSL-2022 github.com
colmmacc/CVE-2022-3602 github.com
rbowes-r7/cve-2022-3602-and-cve-2022-3786-openssl-poc github.com
eatscrayon/CVE-2022-3602-poc github.com
attilaszia/cve-2022-3602 github.com
corelight/CVE-2022-3602 github.com
cybersecurityworks553/CVE-2022-3602-and-CVE-2022-3786 github.com
alicangnll/SpookySSL-Scanner github.com
fox-it/spookyssl-pcaps github.com
hi-artem/find-spooky-prismacloud github.com

2022/12/02 Score : 0
Added Har-sia Database : 2022/11/02
Last Modified : 2022/12/02
Highest Scored Date : 2022/11/02
Highest Score : 677