PT-2023-2343 · OpenSSL +10
David Benjamin · Published 2023-03-08 · Updated 2026-04-27 · CVE-2023-0464
CVSS v2.0: 7.8 (High)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
OpenSSL (affected versions not specified)
Description
A security issue has been identified in OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this issue by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the -policy argument to the command line utilities or by calling the X509_VERIFY_PARAM_set1_policies() function.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Improper Certificate Validation
Resource Exhaustion
Related Identifiers
Affected Products
ALT Linux
AlmaLinux
Astra Linux
IBM AIX
Linux Mint
OpenSSL
Red Hat
RED OS
SUSE
Ubuntu
VirtualBox