PT-2022-1848 · Openssl+18
Tavis Ormandy
·
Published
2022-02-09
·
Updated
2026-05-22
·
CVE-2022-0778
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
OpenSSL versions 1.0.2 through 1.0.2zc
OpenSSL versions 1.1.1 through 1.1.1m
OpenSSL versions 3.0.0 through 3.0.1
Description
The BN_mod_sqrt() function in OpenSSL contains a bug that can cause it to loop forever for non-prime moduli, leading to a denial of service. The issue can be triggered by crafting a certificate with invalid explicit curve parameters. Exposure arises wherever untrusted certificates or keys are parsed, including TLS clients and servers consuming certificates, hosting providers, and certificate authorities parsing certification requests. The issue was addressed in the releases of OpenSSL 1.1.1n and 3.0.2 on March 15, 2022.
Recommendations
For OpenSSL versions 1.0.2 through 1.0.2zc, update to version 1.0.2zd.
For OpenSSL versions 1.1.1 through 1.1.1m, update to version 1.1.1n.
For OpenSSL versions 3.0.0 through 3.0.1, update to version 3.0.2.
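The affected ranges above can be turned into a screening check for inventory data. The following Python script is an added example, not part of the advisory or of OpenSSL itself: it extracts the version token from `openssl version` banners (the sample banners are constructed), orders 1.x letter suffixes the way OpenSSL releases do (a..z, then za, zb, zc), and reports the fixed release for anything inside the listed ranges. The function names and the range table are assumptions of this example.

```python
import re

# Affected ranges (inclusive) and the fixed release for each branch, as the
# advisory lists them. Table constructed for this example.
AFFECTED_BRANCHES = {
    "1.0.2": ("1.0.2", "1.0.2zc", "1.0.2zd"),
    "1.1.1": ("1.1.1", "1.1.1m", "1.1.1n"),
    "3.0":   ("3.0.0", "3.0.1", "3.0.2"),
}

# An OpenSSL version token: three numeric parts plus the optional lowercase
# letter suffix used by the 1.x branches (1.1.1m, 1.0.2zc).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")
_BANNER_RE = re.compile(r"OpenSSL\s+(\d+\.\d+\.\d+[a-z]*)")


def parse_version(text):
    """Turn '1.0.2zc' into a tuple that sorts the way OpenSSL releases do.

    Pre-3.0 letter suffixes run a..z and then za, zb, zc, ..., so ordering by
    (suffix length, suffix string) after the numeric parts reproduces that
    sequence: '' < 'a' < 'z' < 'za' < 'zc'.
    """
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"not an OpenSSL version: {text!r}")
    major, minor, patch, letters = m.groups()
    return (int(major), int(minor), int(patch), len(letters), letters)


def version_from_banner(banner):
    """Extract the version token from `openssl version` output, e.g.
    'OpenSSL 1.1.1m  14 Dec 2021' -> '1.1.1m'. Returns None if absent."""
    m = _BANNER_RE.search(banner)
    return m.group(1) if m else None


def assess(version_str):
    """Classify one version string against the advisory's ranges."""
    v = parse_version(version_str)
    for branch, (low, high, fixed) in AFFECTED_BRANCHES.items():
        if parse_version(low) <= v <= parse_version(high):
            return {"version": version_str, "affected": True,
                    "branch": branch, "update_to": fixed}
    # Either already at or past the fix, or on a branch this advisory does not list.
    return {"version": version_str, "affected": False,
            "branch": None, "update_to": None}


if __name__ == "__main__":
    # Constructed sample banners standing in for `openssl version` output
    # collected from several hosts.
    banners = [
        "OpenSSL 1.1.1m  14 Dec 2021",
        "OpenSSL 1.1.1n  15 Mar 2022",
        "OpenSSL 1.0.2zc",
        "OpenSSL 3.0.1",
    ]
    for banner in banners:
        ver = version_from_banner(banner)
        print(banner, "->", assess(ver))
```

A banner match is a screening signal, not proof: distribution packages (Red Hat, Ubuntu, SUSE and others in the product list below) routinely backport the fix while keeping the upstream version string, so confirm a hit against the vendor's package changelog before treating the host as vulnerable.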
As a temporary workaround, consider disabling the BN_mod_sqrt() function until a patch is available.
Restrict access to the vulnerable module to minimize the risk of exploitation.
Avoid using the BN_mod_sqrt() function in the affected API endpoints until the issue is resolved.
Exploit
Fix
DoS
Infinite Loop
Weakness Enumeration
Related Identifiers
Affected Products
ALT Linux
AlmaLinux
CentOS
Check Point Gaia
FortiOS
FreeBSD
HPE iLO
IBM AIX
Linux Mint
Apple macOS
MariaDB Server
MySQL Server
OpenSSL
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu
zVirt Node