OpenSSL downgrades email address bug from critical to high

The maintainers of the very popular OpenSSL cryptographic toolkit have revealed details of a serious vulnerabilities, one that was expected to be rated as critical, and downgraded it to high severity.

OpenSSL said the flaws, given the Common Vulnerabilities and Exposures (CVE) index of 2022-3786 and 2022-3602 were buffer overflow vulnerabilities which could allow malicious code to write to memory outside designated areas.

They only affect version 3.0.0 to 3.0.6 of OpenSSL and were introduced when punycode text encoding for domain hostnames was added, to process email addresses in digital X.509 authentication certificates.

Any OpenSSL 3.0 application that verifies X.509 certificates from untrusted sources should be considered vulnerable, including Transport Layer Security (TLS) clients and servers.

Originally, it was thought CVE-2022-3602 could be used for remote code execution via the cryptographic library toolkit which has been the target of several serious attacks over the years, inlcuding the infamous Heartbleed bug.

The CVE-2022-3786 was not rated as critical from the outset, OpenSSL said, with remote code not expected on any platform.

Thanks to testing and feedback, the OpenSSL project decided to mark both the above bugs as high severity.

"Firstly, we had reports that on certain Linux distributions the stack layout was such that the 4 bytes overwrote an adjacent buffer that was yet to be used and therefore there was no crash or ability to cause remote code execution," the project maintainers wrote.

"Secondly, many modern platforms implement stack overflow protections which would mitigate against the risk of remote code execution and usually lead to a crash instead," they added.

However, OpenSSL warns that it cannot know how every platform and compiler arranges memory buffers on the stack, and because of that, remote code execution could still be possible.

Users of OpenSSL 3-series software are advised to upgrade to 3.0.7 as soon as possible.

The flaws do not affect OpenSSL 1.0.2, 1.1.1 and other earlier versions; there is no need to replace TLS server certificates.

Until the vulnerable versions of OpenSSL 3.0.0 libraries have been upgraded, users can mitigate against the bug by disabling client TLS authentication.