Page MenuHomeVyOS Platform

CVE-2022-0778: infinite loop in OpenSSL certificate parsing
Closed, ResolvedPublicBUG

Description

CVE-2022-0778 is a vulnerability in OpenSSL that potentially allows a remote attacker to cause an infinite loop in a process by sending a malformed certificate.

See https://www.openssl.org/news/secadv/20220315.txt

This issue is automatically fixed thanks to OpenSSL updates from Debian.

Details

Difficulty level
Unknown (require assessment)
Version
1.3.0
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Security vulnerability

Related Objects

Mentioned In
1.3.3
1.3.1

Event Timeline

dmbaturin renamed this task from CVE-2022-0778 to CVE-2022-0778: infinite loop in OpenSSL certificate parsing.Mar 21 2022, 12:06 PM
dmbaturin created this task.