rpm package
almalinux/edk2-aarch64
pkg:rpm/almalinux/edk2-aarch64
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-3446 | — | < 20220126gitbb1bba3d77-6.el8_9.3 | 20220126gitbb1bba3d77-6.el8_9.3 | Jul 19, 2023 | Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters tha | ||
| CVE-2023-2650 | — | < 20230524-3.el9 | 20230524-3.el9 | May 30, 2023 | Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limi | ||
| CVE-2022-4304 | — | < 20221207gitfff6d81270b5-9.el9_2 | 20221207gitfff6d81270b5-9.el9_2 | Feb 8, 2023 | A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of | ||
| CVE-2022-4450 | — | < 20221207gitfff6d81270b5-9.el9_2 | 20221207gitfff6d81270b5-9.el9_2 | Feb 8, 2023 | The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing t | ||
| CVE-2023-0215 | — | < 20221207gitfff6d81270b5-9.el9_2 | 20221207gitfff6d81270b5-9.el9_2 | Feb 8, 2023 | The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receiv | ||
| CVE-2023-0286 | — | < 20221207gitfff6d81270b5-9.el9_2 | 20221207gitfff6d81270b5-9.el9_2 | Feb 8, 2023 | There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This | ||
| CVE-2021-38578 | — | < 20221207gitfff6d81270b5-9.el9_2 | 20221207gitfff6d81270b5-9.el9_2 | Mar 3, 2022 | Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. |
- CVE-2023-3446Jul 19, 2023affected < 20220126gitbb1bba3d77-6.el8_9.3fixed 20220126gitbb1bba3d77-6.el8_9.3
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters tha
- CVE-2023-2650May 30, 2023affected < 20230524-3.el9fixed 20230524-3.el9
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limi
- CVE-2022-4304Feb 8, 2023affected < 20221207gitfff6d81270b5-9.el9_2fixed 20221207gitfff6d81270b5-9.el9_2
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of
- CVE-2022-4450Feb 8, 2023affected < 20221207gitfff6d81270b5-9.el9_2fixed 20221207gitfff6d81270b5-9.el9_2
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing t
- CVE-2023-0215Feb 8, 2023affected < 20221207gitfff6d81270b5-9.el9_2fixed 20221207gitfff6d81270b5-9.el9_2
The public API function BIO_new_NDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The function receiv
- CVE-2023-0286Feb 8, 2023affected < 20221207gitfff6d81270b5-9.el9_2fixed 20221207gitfff6d81270b5-9.el9_2
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This
- CVE-2021-38578Mar 3, 2022affected < 20221207gitfff6d81270b5-9.el9_2fixed 20221207gitfff6d81270b5-9.el9_2
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
Page 2 of 2