Resource leakage when decoding certificates and keys
Description
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occupied by the removed hash table entries. This function is used when decoding certificates or keys. If a long-lived process periodically decodes certificates or keys, its memory usage will expand without bounds and the process might be terminated by the operating system, causing a denial of service. Also, traversing the empty hash table entries will take increasingly more time. Typically such long-lived processes might be TLS clients or TLS servers configured to accept client certificate authentication. The function was added in the OpenSSL 3.0 version, thus older releases are not affected by the issue. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A bug in OpenSSL's OPENSSL_LH_flush() function causes unbounded memory growth and slow traversal under repeated certificate/key decoding, leading to denial of service.
Vulnerability
CVE-2022-1473 is a memory leak and performance degradation vulnerability in the OPENSSL_LH_flush() function of OpenSSL 3.0.0, 3.0.1, and 3.0.2. The function is responsible for emptying a hash table, but a bug prevents the reuse of memory occupied by removed entries. This function is used internally when decoding certificates or keys. Consequently, any long-lived process that periodically decodes certificates or keys (such as TLS clients or servers with client certificate authentication enabled) will see its memory usage grow without bounds and will experience increasingly slow hash table traversal, potentially leading to termination by the operating system. Older OpenSSL releases (1.x.y) are not affected [1][2].
Exploitation
An attacker does not need special network position or authentication; the vulnerability is triggered by normal certificate or key decoding operations. For a server that accepts client certificate authentication, an attacker can repeatedly present certificates for decoding, causing the server's memory to expand indefinitely over time and its performance to degrade. The attacker only needs to maintain a long-lived session or series of connections that cause repeated certificate decoding. No user interaction or race condition is required [1][2].
Impact
Successful exploitation results in a denial of service (DoS) through unbounded memory consumption and increased processing time. The availability impact is High, while confidentiality and integrity are not affected. The process (such as a TLS server) may be terminated by the operating system when it runs out of memory [1]. The CVSS score is 7.5 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [4].
Mitigation
The vulnerability is fixed in OpenSSL 3.0.3 (released May 3, 2022). Users of OpenSSL 3.0.0, 3.0.1, or 3.0.2 should upgrade immediately. For the Rust ecosystem, the patched version of the openssl-src crate is 300.0.6 (and later) for the 3.0 stream; the 1.1.1/111 stream is not affected [2][3][4]. No workaround is available for unpatched versions. The issue is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of this writing.
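Added example (not from the advisory, the OpenSSL project or the openssl-src crate): a Python check that parses `openssl version` output and openssl-src crate versions against the affected ranges stated above, and scans a Cargo.lock for pinned affected crate versions. The Cargo.lock fragment is constructed sample input.

```python
import re

# Affected ranges as stated in the advisory: OpenSSL 3.0.0-3.0.2 (fixed in
# 3.0.3) and the openssl-src crate >= 300.0.0, < 300.0.6 (fixed in 300.0.6).
# Each range is a half-open [lower, upper) tuple pair.
OPENSSL_AFFECTED = ((3, 0, 0), (3, 0, 3))
CRATE_AFFECTED = ((300, 0, 0), (300, 0, 6))

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return the first X.Y.Z in `text` as an int tuple.

    Accepts raw `openssl version` output ("OpenSSL 3.0.2 15 Mar 2022"),
    a bare "3.0.2", or a Cargo version such as "300.0.5". The letter suffix
    of the 1.1.1 stream ("1.1.1n") is ignored; that stream is unaffected.
    """
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no X.Y.Z version in {text!r}")
    return tuple(int(p) for p in m.groups())

def _in_range(version, rng):
    lower, upper = rng
    return lower <= version < upper

def openssl_affected(version_output):
    """True when the library version satisfies 3.0.0 <= v < 3.0.3."""
    return _in_range(parse_version(version_output), OPENSSL_AFFECTED)

def crate_affected(cargo_version):
    """True when an openssl-src version satisfies 300.0.0 <= v < 300.0.6."""
    return _in_range(parse_version(cargo_version), CRATE_AFFECTED)

def scan_cargo_lock(lock_text):
    """Return every openssl-src version pinned in a Cargo.lock that is affected."""
    hits = []
    for block in lock_text.split("[[package]]"):
        if re.search(r'^name = "openssl-src"$', block, re.M):
            v = re.search(r'^version = "([^"]+)"$', block, re.M)
            if v and crate_affected(v.group(1)):
                hits.append(v.group(1))
    return hits

# Constructed Cargo.lock fragment: one affected 3.0-stream pin, one 1.1.1 pin.
SAMPLE_CARGO_LOCK = """\
[[package]]
name = "openssl-src"
version = "300.0.5"

[[package]]
name = "openssl-src"
version = "111.18.0+1.1.1n"
"""

if __name__ == "__main__":
    print(openssl_affected("OpenSSL 3.0.2 15 Mar 2022"))   # True
    print(scan_cargo_lock(SAMPLE_CARGO_LOCK))               # ['300.0.5']
```

On a host, feed `subprocess.check_output(["openssl", "version"], text=True)` to `openssl_affected`; distribution packages that backport the fix keep the upstream version string, so confirm against the vendor advisory as well.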
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| openssl-src (crates.io) | >= 300.0.0, < 300.0.6 | 300.0.6 |
Affected products
18 entries (17 OSV package coordinates):
- pkg:apk/chainguard/ruby-3.1 (no CPE) range: < 0
- pkg:apk/chainguard/ruby-3.1-base (no CPE) range: < 0
- pkg:apk/chainguard/ruby-3.1-base-dev (no CPE) range: < 0
- pkg:apk/chainguard/ruby-3.1-dev (no CPE) range: < 0
- pkg:apk/chainguard/ruby-3.1-doc (no CPE) range: < 0
- pkg:apk/wolfi/ruby-3.1 (no CPE) range: < 0
- pkg:apk/wolfi/ruby-3.1-base (no CPE) range: < 0
- pkg:apk/wolfi/ruby-3.1-base-dev (no CPE) range: < 0
- pkg:apk/wolfi/ruby-3.1-dev (no CPE) range: < 0
- pkg:apk/wolfi/ruby-3.1-doc (no CPE) range: < 0
- pkg:cargo/openssl-src (no CPE) range: >= 300.0.0, < 300.0.6
- pkg:rpm/almalinux/openssl (no CPE) range: < 1:3.0.1-41.el9_0
- pkg:rpm/almalinux/openssl-devel (no CPE) range: < 1:3.0.1-41.el9_0
- pkg:rpm/almalinux/openssl-libs (no CPE) range: < 1:3.0.1-41.el9_0
- pkg:rpm/almalinux/openssl-perl (no CPE) range: < 1:3.0.1-41.el9_0
- pkg:rpm/opensuse/openssl-3&distro=openSUSE%20Leap%2015.4 (no CPE) range: < 3.0.1-150400.4.7.1
- pkg:rpm/suse/openssl-3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4 (no CPE) range: < 3.0.1-150400.4.7.1
- Range: Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2)
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11 references:
- github.com/advisories/GHSA-g323-fr93-4j3c [ghsa: ADVISORY]
- nvd.nist.gov/vuln/detail/CVE-2022-1473 [ghsa: ADVISORY]
- security.gentoo.org/glsa/202210-02 [ghsa: vendor-advisory, WEB]
- cert-portal.siemens.com/productcert/pdf/ssa-953464.pdf [ghsa: WEB]
- git.openssl.org/gitweb/ [ghsa: WEB]
- github.com/github/advisory-database/issues/405 [ghsa: WEB]
- rustsec.org/advisories/RUSTSEC-2022-0025.html [ghsa: WEB]
- security.netapp.com/advisory/ntap-20220602-0009 [ghsa: WEB]
- www.openssl.org/news/secadv/20220503.txt [ghsa: WEB]
- git.openssl.org/gitweb/ [mitre]
- security.netapp.com/advisory/ntap-20220602-0009/ [mitre]
News mentions
No linked articles in our index yet.