PT-2022-2691 · Openssl+12

Elison Niven · Published 2022-04-02 · Updated 2026-04-27 · CVE-2022-1292

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

OpenSSL versions 1.0.2 through 1.0.2zd
OpenSSL versions 1.1.1 through 1.1.1n
OpenSSL versions 3.0.0 through 3.0.2

Description

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.

Recommendations

For OpenSSL versions 1.0.2 through 1.0.2zd, update to version 1.0.2ze.
For OpenSSL versions 1.1.1 through 1.1.1n, update to version 1.1.1o.
For OpenSSL versions 3.0.0 through 3.0.2, update to version 3.0.3.

As a temporary workaround, consider disabling the c_rehash script until a patch is available. Restrict access to the vulnerable script to minimize the risk of exploitation.
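
The affected ranges and fixed releases listed above can be checked against an `openssl version` banner. The following Python is an added example, not part of the advisory or of OpenSSL; the function names are illustrative, and it compares upstream version strings only, so a distribution package that backports the fix under an older version string is still reported as affected.

```python
import re

# Affected ranges and fixed releases, copied from this advisory:
# (first affected, last affected, fixed release)
AFFECTED = [
    ("1.0.2", "1.0.2zd", "1.0.2ze"),
    ("1.1.1", "1.1.1n", "1.1.1o"),
    ("3.0.0", "3.0.2", "3.0.3"),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]*)")


def parse_version(text):
    """Sortable key from '1.1.1n' or a banner such as 'OpenSSL 1.1.1n  15 Mar 2022'."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    major, minor, patch, letters = m.groups()
    # Letter releases run '' < a..z < za..zz, so (length, letters) sorts correctly.
    return (int(major), int(minor), int(patch), len(letters), letters)


def check(text):
    """Return (affected, fixed_release); fixed_release is None if not in a listed range."""
    version = parse_version(text)
    for first, last, fixed in AFFECTED:
        if parse_version(first) <= version <= parse_version(last):
            return True, fixed
    return False, None


if __name__ == "__main__":
    # Constructed sample banners, not captured from real hosts.
    for banner in ("OpenSSL 1.1.1n  15 Mar 2022", "OpenSSL 1.0.2k-fips  26 Jan 2017",
                   "OpenSSL 1.0.2ze  3 May 2022", "OpenSSL 3.0.3 3 May 2022"):
        affected, fixed = check(banner)
        print(f"{banner!r}: " + (f"affected, update to {fixed}" if affected else "not in a listed range"))
```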

Exploit

Fix

DoS

Command Injection

OS Command Injection

Weakness Enumeration

Related Identifiers

ALSA-2022:5818
ALSA-2022:6224
ALSA-2022_5818
ALSA-2022_6224
ALSA-2022_7464
ALSA-2022_7970
ALSA-2023_4350
ALSA-2023_4520
ALSA-2023_7034
ALSA-2023_7042
ALSA-2023_7050
ALSA-2023_7877
ALSA-2024_0888
ALSA-2024_1444
ALSA-2024_2264
ALSA-2024_2447
ALSA-2024_3017
ALSA-2024_5297
ALSA-2024_9088
ALSA-2025_16880
ALSA-2025_7895
ALSA-2025_7937
ALT-PU-2022-2132
ALT-PU-2022-2139
ALT-PU-2022-2552
ALT-PU-2022-3072
ALT-PU-2022-3102
ALT-PU-2023-1299
ALT-PU-2023-1912
AZL-41748
AZL-9649
BDU:2022-03181
CESA-2022_5818
CVE-2022-1292
DLA-3008-1
DSA-5139-1
ELSA-2022-5818
ELSA-2022-6224
JLSEC-2026-228
JLSEC-2026-229
MGASA-2022-0173
OESA-2022-1673
OESA-2022-1898
OESA-2022-1951
OPENSUSE-SU-2022_2251-1
OPENSUSE-SU-2022_2306-1
OPENSUSE-SU-2022_2308-1
OPENSUSE-SU-2022_2321-1
OPENSUSE-SU-2024:12138-1
OPENSUSE-SU-2024:12178-1
OPENSUSE-SU-2024:12204-1
RHSA-2022:5818
RHSA-2022:6224
RHSA-2022:8840
RHSA-2022:8917
RHSA-2022_5818
RHSA-2022_6224
RHSA-2023:5931
RHSA-2023:5979
RHSA-2023:5980
RHSA-2023:5982
RHSA-2023:6818
RLSA-2022:5818
RLSA-2022_5818
RLSA-2023:6818
RLSA-2023_6818
SUSE-SU-2022:2068-1
SUSE-SU-2022:2075-1
SUSE-SU-2022:2098-1
SUSE-SU-2022:2106-1
SUSE-SU-2022:2182-1
SUSE-SU-2022:2197-1
SUSE-SU-2022:2251-1
SUSE-SU-2022:2251-2
SUSE-SU-2022:2306-1
SUSE-SU-2022:2308-1
SUSE-SU-2022:2321-1
SUSE-SU-2022_2068-1
SUSE-SU-2022_2075-1
SUSE-SU-2022_2098-1
SUSE-SU-2022_2106-1
SUSE-SU-2022_2182-1
SUSE-SU-2022_2197-1
SUSE-SU-2022_2251-1
SUSE-SU-2022_2306-1
SUSE-SU-2022_2308-1
SUSE-SU-2022_2321-1
USN-5402-1
USN-5402-2
USN-6457-1
USN-7018-1
USN-7060-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Ibm Aix
Linuxmint
Mysql Server
Openssl
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu