cve/CVE-2023-0216.md at ba290685fe22de220a539dbecbe46bd650f1a0d5

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

An invalid pointer dereference on read can be triggered when anapplication tries to load malformed PKCS7 data with thed2i_PKCS7(), d2i_PKCS7_bio() or d2i_PKCS7_fp() functions.The result of the dereference is an application crash which couldlead to a denial of service attack. The TLS implementation in OpenSSLdoes not call this function however third party applications mightcall these functions on untrusted data.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Tuttu7/Yum-command
https://github.com/a23au/awe-base-images
https://github.com/chnzzh/OpenSSL-CVE-lib
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/stkcat/awe-base-images

1.1 KiB Raw Blame History

CVE-2023-0216

Description

POC

Reference

Github

1.1 KiB

Raw Blame History