cve/CVE-2023-0217.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

1.2 KiB

Raw Permalink Blame History

CVE-2023-0217

Description

An invalid pointer dereference on read can be triggered when anapplication tries to check a malformed DSA public key by theEVP_PKEY_public_check() function. This will most likely leadto an application crash. This function can be called on publickeys supplied from untrusted sources which could allow an attackerto cause a denial of service attack.The TLS implementation in OpenSSL does not call this functionbut applications might call the function if there are additionalsecurity requirements imposed by standards such as FIPS 140-3.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Tuttu7/Yum-command
https://github.com/a23au/awe-base-images
https://github.com/chnzzh/OpenSSL-CVE-lib
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/stkcat/awe-base-images

1.2 KiB Raw Permalink Blame History

CVE-2023-0217

Description

POC

Reference

Github

1.2 KiB

Raw Permalink Blame History