CVE-2022-4450: Double Free in Openssl

CWE-415 Double Free | 19 documents | 11 sources

Severity: 7.5 HIGH (NVD)
EPSS: 0.1% (top 64.78%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Feb 8; Latest update Nov 26

Description

The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data. The caller is responsible for freeing those buffers. It is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (14 packages)

Source      Package           Affected              Fixed     Additional ranges
CVEListV5   openssl/openssl   from 3.0.0            3.0.8     +1
NVD         openssl/openssl   from 1.1.1            1.1.1t    +1
Alpine      openssl/openssl   < 1.1.1t-r0                     +9
Debian      openssl/openssl   < 1.1.1n-0+deb11u4              +3

Patches

Vulnerability Details (7)

OSV: nodejs vulnerabilities (2024-01-03)
OSV: CVE-2022-4450: The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e (2023-02-08)
GHSA: openssl-src contains Double free after calling `PEM_read_bio_ex` (2023-02-08)
CVEList: Double free after calling PEM_read_bio_ex (2023-02-08)

Vendor Advisories (11)

Ubuntu: EDK II vulnerabilities (2025-11-26)
Palo Alto: PAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION (2024-04-05)
Oracle: Oracle Systems Risk Matrix: XCP Firmware (OpenSSL) — CVE-2022-4450 (2024-01-15)
Ubuntu: Node.js vulnerabilities (2024-01-03)
Oracle: Oracle Communications Risk Matrix: Signaling (OpenSSL) — CVE-2022-4450 (2023-07-15)
CVE-2022-4450 — Double Free in Openssl | cvebase