CVE-2023-2650
published 2023-05-30CVE-2023-2650: Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use…
PriorityP352medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
EPSS
73.46%
99.4th percentile
Issue summary: Processing some specially crafted ASN.1 object identifiers or
data containing them may be very slow.
Impact summary: Applications that use OBJ_obj2txt() directly, or use any of
the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message
size limit may experience notable to very long delays when processing those
messages, which may lead to a Denial of Service.
An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -
most of which have no size limit. OBJ_obj2txt() may be used to translate
an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL
type ASN1_OBJECT) to its canonical numeric text form, which are the
sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by
periods.
When one of the sub-identifiers in the OBJECT IDENTIFIER is very large
(these are sizes that are seen as absurdly large, taking up tens or hundreds
of KiBs), the translation to a decimal number in text may take a very long
time. The time complexity is O(n^2) with 'n' being the size of the
sub-identifiers in bytes (*).
With OpenSSL 3.0, support to fetch cryptographic algorithms using names /
identifiers in string form was introduced. This includes using OBJECT
IDENTIFIERs in canonical numeric text form as identifiers for fetching
algorithms.
Such OBJECT IDENTIFIERs may be received through the ASN.1 structure
AlgorithmIdentifier, which is commonly used in multiple protocols to specify
what cryptographic algorithm should be used to sign or verify, encrypt or
decrypt, or digest passed data.
Applications that call OBJ_obj2txt() directly with untrusted data are
affected, with any version of OpenSSL. If the use is for the mere purpose
of display, the severity is considered low.
In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME,
CMS, CMP/CRMF or TS. It also impacts anything that processes X.509
certificates, including simple things like verifying its signature.
The impact on TLS is relatively l
Affected
50 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | openssl | < openssl 3.0.9-1 (bookworm) | openssl 3.0.9-1 (bookworm) |
| msrc | azl3_edk2_20230301gitf80f052277c8-37_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.75.0-14_on_azure_linux_3.0 | — | — |
| msrc | azl3_rust_1.86.0-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_shim-unsigned-aarch64_15.8-5_on_azure_linux_3.0 | — | — |
| msrc | azl3_shim-unsigned-x64_15.8-5_on_azure_linux_3.0 | — | — |
| msrc | azure_linux_3.0_arm | — | — |
| msrc | azure_linux_3.0_x64 | — | — |
| msrc | cbl2_edk2_20230301gitf80f052277c8-37_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hvloader_1.0.1-11_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hvloader_1.0.1-9_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kata-containers-cc_0.4.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_openssl_1.1.1k-25_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_qemu_6.2.0-24_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_openssl_1.1.1k-16_on_cbl_mariner_1.0 | — | — |
| nodejs | nodejs | >= 0 < 10.19.0~dfsg-3ubuntu1.5 | 10.19.0~dfsg-3ubuntu1.5 |
| nodejs | nodejs | >= 0 < 12.22.9~dfsg-1ubuntu3.4 | 12.22.9~dfsg-1ubuntu3.4 |
| openssl | openssl | >= 0 < 1.1.1u-r0 | 1.1.1u-r0 |
| openssl | openssl | >= 0 < 1.1.1u-r0 | 1.1.1u-r0 |
Detection & IOCsextracted from sources · hover to see the quote
- →Trigger vector is a specially crafted ASN.1 OBJECT IDENTIFIER with an oversized sub-identifier (tens or hundreds of KiBs) delivered via DER-encoded data — monitor for abnormally large OID fields in certificates, OCSP responses, PKCS7/SMIME, CMS, CMP/CRMF, or TS messages ↗
- →Affected OpenSSL API entry point is OBJ_obj2txt(); instrument or audit code paths calling this function with untrusted input (DER-encoded ASN1_OBJECT) as a detection/triage signal ↗
- →In OpenSSL 3.0+, the vulnerable path is also reachable through AlgorithmIdentifier processing — flag X.509 certificate signature verification, OCSP, PKCS7/SMIME, CMS, CMP/CRMF, and TS subsystems as high-interest inspection points ↗
- →TLS exposure is bounded by OpenSSL's 100 KiB certificate-chain limit; however, TLS clients and servers with explicit client-auth enabled remain in scope — prioritise monitoring of mTLS endpoints ↗
- →In ICS/OT environments, the attack surface includes BACnet Secure Connect certificate import — alert on certificate imports from untrusted sources on ICONICS/GENESIS64 and Mitsubishi CC-Link IE TSN devices ↗
- →Denial-of-service symptom is CPU exhaustion with O(n^2) time complexity proportional to sub-identifier byte length — anomalous CPU spikes in OpenSSL-linked processes during certificate/message parsing are a behavioural indicator ↗
- ·OpenSSL 3.0 and newer are the primary high-severity targets; OpenSSL 1.1.1 and 1.0.2 are considered low-severity because the vulnerable code path (OBJ_obj2txt via AlgorithmIdentifier) is not typically exercised in a DoS-relevant way in those versions ↗
- ·Applications using OBJ_obj2txt() only for display purposes (not algorithm fetching) are considered low-severity regardless of OpenSSL version ↗
- ·For ICONICS/GENESIS64 products, the vulnerability is only exploitable when the BACnet Secure Connect feature is enabled; it is disabled by default ↗
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv7.5HIGH
vendor_oracle7.5MEDIUM
vendor_ubuntu7.5HIGH
vendor_debian6.5MEDIUM
vendor_msrc6.5MEDIUM
vendor_redhat6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
edk2 regression
osv·2025-11-28·CVSS 7.4
CVE-2023-45236 [HIGH] edk2 regression
edk2 regression
USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a
regression in the UEFI network boot. This update reverts the corresponding
fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation.
We apologize for the inconvenience.
Original advisory details:
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298)
It was discovered that
OSV
edk2 vulnerabilities
osv·2025-11-26·CVSS 7.4
CVE-2023-45236 [HIGH] edk2 vulnerabilities
edk2 vulnerabilities
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298)
It was discovered that the EDK II PE/COFF loader incorrectly handled
certain memory operations. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2024-38
OSV
nodejs vulnerabilities
osv·2024-03-04·CVSS 7.5
CVE-2023-23919 [HIGH] nodejs vulnerabilities
nodejs vulnerabilities
Morgan Jones discovered that Node.js incorrectly handled certain inputs that
leads to false positive errors during some cryptographic operations. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 23.10. (CVE-2023-23919)
It was discovered that Node.js incorrectly handled certain inputs leaded to a
untrusted search path vulnerability. If a user or an automated system were
tricked into opening a specially crafted input file, a remote attacker could
possibly use this issue to perform a privilege escalation. (CVE-2023-23920)
Matt Caswell discovered that Node.js incorrectly handled certain inputs with
specially crafted AS
OSV
CVE-2023-2650: Issue summary: Processing some specially crafted ASN
osv·2023-05-30·CVSS 6.5
CVE-2023-2650 [MEDIUM] CVE-2023-2650: Issue summary: Processing some specially crafted ASN
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in
GHSA
GHSA-gqxg-9vfr-p9cg: Issue summary: Processing some specially crafted ASN
ghsa_unreviewed·2023-05-30
CVE-2023-2650 CWE-770 GHSA-gqxg-9vfr-p9cg: Issue summary: Processing some specially crafted ASN
Issue summary: Processing some specially crafted ASN.1 object identifiers or
data containing them may be very slow.
Impact summary: Applications that use OBJ_obj2txt() directly, or use any of
the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message
size limit may experience notable to very long delays when processing those
messages, which may lead to a Denial of Service.
An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -
most of which have no size limit. OBJ_obj2txt() may be used to translate
an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL
type ASN1_OBJECT) to its canonical numeric text form, which are the
sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by
periods.
When one of the sub-identifiers
OSV
CVE-2023-2650: Issue summary: Processing some specially crafted ASN
osv·2023-05-30·CVSS 6.5
CVE-2023-2650 [MEDIUM] CVE-2023-2650: Issue summary: Processing some specially crafted ASN
Issue summary: Processing some specially crafted ASN.1 object identifiers or
data containing them may be very slow.
Impact summary: Applications that use OBJ_obj2txt() directly, or use any of
the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message
size limit may experience notable to very long delays when processing those
messages, which may lead to a Denial of Service.
An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -
most of which have no size limit. OBJ_obj2txt() may be used to translate
an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL
type ASN1_OBJECT) to its canonical numeric text form, which are the
sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by
periods.
When one of the sub-identifiers
OSV
openssl, openssl1.0 vulnerabilities
osv·2023-05-30·CVSS 5.9
CVE-2023-2650 [MEDIUM] openssl, openssl1.0 vulnerabilities
openssl, openssl1.0 vulnerabilities
Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1
object identifiers. A remote attacker could possibly use this issue to
cause OpenSSL to consume resources, resulting in a denial of service.
(CVE-2023-2650)
Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher
decryption on 64-bit ARM platforms. An attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04.
(CVE-2023-1255)
CISA ICS
Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D)
cisa_ics·2026-04-07·CVSS 6.5
[MEDIUM] Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D)
ICS Advisory
##
Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D)
Last RevisedApril 07, 2026
Alert CodeICSA-24-184-03
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## Summary
Successful exploitation of these vulnerabilities could result in denial-of-service, improper privilege management, or potentially arbitrary code execution.
The following versions of Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products (Update D) are affected:
- Mitsubishi Electric Iconics Digital Solutions ICONICS Suite 10.97.2, <=10.97.2, <=10.97.3 (CVE-2023-2650, CVE-2023-4807, CVE-2024-1573, CVE-2024-1574, CVE-2024-1182)
- Mitsubishi Electric Iconics Digital Solutions
Ubuntu
EDK II regression
vendor_ubuntu·2025-11-28·CVSS 5.8
CVE-2023-45236 [MEDIUM] EDK II regression
Title: EDK II regression
Summary: USN-7894-1 introduced a regression in EDK II
USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a
regression in the UEFI network boot. This update reverts the corresponding
fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation.
We apologize for the inconvenience.
Original advisory details:
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS
Ubuntu
EDK II vulnerabilities
vendor_ubuntu·2025-11-26·CVSS 7.4
CVE-2023-45236 [HIGH] EDK II vulnerabilities
Title: EDK II vulnerabilities
Summary: Several security issues were fixed in EDK II.
It was discovered that EDK II was susceptible to a predictable TCP Initial
Sequence Number. An attacker could possibly use this issue to gain
unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu
24.04 LTS. (CVE-2023-45236, CVE-2023-45237)
It was discovered that EDK II incorrectly handled S3 sleep. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298)
It was discovered that the EDK II PE/COFF loader incorrectly handled
certain memory operations. An attacker could possibly use this issue to
cause a denial of service, obtain sensitive information, or execute
arbitrary code. This issue o
Palo Alto
PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
vendor_paloalto·2024-11-07·CVSS 6.8
CVE-2014-0195 [MEDIUM] PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Cortex XDR Agent. While Cortex XDR Agent may include the
CVEs: CVE-2014-0195, CVE-2014-0224, CVE-2014-3509, CVE-2014-3512, CVE-2014-3513, CVE-2014-3567, CVE-2015-0209, CVE-2015-0292, CVE-2015-1789, CVE-2015-1791, CVE-2015-1793, CVE-2015-3194, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2177, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2019-1551, CVE-2019-1552, CVE-2019-1559, CVE-2019-1563, CVE-2020-196
CISA ICS
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch
cisa_ics·2024-06-06·CVSS 6.5
[MEDIUM] Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch
ICS Advisory
##
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch
Release DateJune 06, 2024
Alert CodeICSA-24-158-03
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 5.1
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Mitsubishi Electric
- Equipment: CC-Link IE TSN Industrial Managed Switch
- Vulnerability: Allocation of Resources Without Limits or Throttling
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to cause a temporary denial-of service (DoS) condition in the web service on the product.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of CC-Link IE TSN Industrial Manag
Palo Alto
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
vendor_paloalto·2024-04-10·CVSS 9.8
CVE-2015-5739 [CRITICAL] PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS. While it was not determined that these CVEs have any significant impact on PAN-OS, they have been fixed out of an abundance of caution. CVE Summary CVE-2015-5739 This CVE is fixed in PAN-OS 11.0.4, and all later PAN-OS versions. CVE-2016-10228 This CVE is fixed in PAN-OS 11.1.3, and all later PAN-OS versions. CVE-2017-8923 This CVE is fixed in PAN-OS 10.2.8, 11.0.3, and all later PAN-OS versions. CVE-2017-9120 This CVE is fixed in PAN-OS 10.2.8, 11.0.3, and all later PAN-OS versions. CVE-2018-25009 This CVE is fixed in PAN-OS 10.2.8, 11.0.4, 11.1.3, and all later PAN-OS versions. CVE-2
Ubuntu
Node.js vulnerabilities
vendor_ubuntu·2024-03-04·CVSS 7.5
CVE-2023-23919 [HIGH] Node.js vulnerabilities
Title: Node.js vulnerabilities
Summary: Several security issues were fixed in Node.js.
Morgan Jones discovered that Node.js incorrectly handled certain inputs that
leads to false positive errors during some cryptographic operations. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 23.10. (CVE-2023-23919)
It was discovered that Node.js incorrectly handled certain inputs leaded to a
untrusted search path vulnerability. If a user or an automated system were
tricked into opening a specially crafted input file, a remote attacker could
possibly use this issue to perform a privilege escalation. (CVE-2023-23920)
Matt Caswell discovered that Nod
CISA ICS
Siemens SINEC NMS
cisa_ics·2024-02-15
Siemens SINEC NMS
ICS Advisory
##
Siemens SINEC NMS
Release DateFebruary 15, 2024
Alert CodeICSA-24-046-15
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEC NMS
- Vulnerabilities: Out-of-bounds Read, Inadequate Encryption Strength, Double Free, Use After Free, NULL Pointer Dereference, Improper Input Validation, Missing Encryption of Sensitive Data, Allocation of Resources Wit
Oracle
Oracle Oracle JD Edwards Risk Matrix: Enterprise Infrastructure SEC (OpenSSL) — CVE-2023-2650
vendor_oracle·2024-01-15·CVSS 6.5
CVE-2023-2650 [MEDIUM] Oracle Oracle JD Edwards Risk Matrix: Enterprise Infrastructure SEC (OpenSSL) — CVE-2023-2650
Oracle Oracle JD Edwards Risk Matrix: Enterprise Infrastructure SEC (OpenSSL) vulnerability
CVE: CVE-2023-2650
CVSS: 6.5
Protocol: JDENET
Remote exploit: Yes
Affected versions: Network
Advisory: cpujan2024 (JAN 2024)
CISA ICS
Siemens SCALANCE Family Products
cisa_ics·2023-11-16
Siemens SCALANCE Family Products
ICS Advisory
##
Siemens SCALANCE Family Products
Release DateNovember 16, 2023
Alert CodeICSA-23-320-08
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.1
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE XB-200/XC-200/XP-200/XF-200BA/XR-300WG Family
- Vulnerabilities: Out-of-bounds Read, Inadequate Encryption Strength, Double Free, NULL Pointer Dereference, Allocation of Resources Without Limits or Thrott
Oracle
Oracle Oracle Essbase Risk Matrix: Essbase Web Platform (OpenSSL) — CVE-2023-2650
vendor_oracle·2023-10-15·CVSS 6.5
CVE-2023-2650 [MEDIUM] Oracle Oracle Essbase Risk Matrix: Essbase Web Platform (OpenSSL) — CVE-2023-2650
Oracle Oracle Essbase Risk Matrix: Essbase Web Platform (OpenSSL) vulnerability
CVE: CVE-2023-2650
CVSS: 6.5
Protocol: Multiple
Remote exploit: Yes
Affected versions: Network
Advisory: cpuoct2023 (OCT 2023)
Oracle
Oracle Oracle MySQL Risk Matrix: Monitoring: General (OpenSSL) — CVE-2023-2650
vendor_oracle·2023-07-15·CVSS 7.5
CVE-2023-2650 [MEDIUM] Oracle Oracle MySQL Risk Matrix: Monitoring: General (OpenSSL) — CVE-2023-2650
Oracle Oracle MySQL Risk Matrix: Monitoring: General (OpenSSL) vulnerability
CVE: CVE-2023-2650
CVSS: 7.5
Protocol: Multiple
Remote exploit: Yes
Affected versions: Network
Advisory: cpujul2023 (JUL 2023)
Ubuntu
OpenSSL vulnerability
vendor_ubuntu·2023-06-22
CVE-2023-2650 OpenSSL vulnerability
Title: OpenSSL vulnerability
Summary: OpenSSL could be made to consume resources and cause long
delays if it processed certain input.
Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1
object identifiers. A remote attacker could possibly use this issue to
cause OpenSSL to consume resources, resulting in a denial of service.
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2023-05-30·CVSS 5.9
CVE-2023-1255 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
Matt Caswell discovered that OpenSSL incorrectly handled certain ASN.1
object identifiers. A remote attacker could possibly use this issue to
cause OpenSSL to consume resources, resulting in a denial of service.
(CVE-2023-2650)
Anton Romanov discovered that OpenSSL incorrectly handled AES-XTS cipher
decryption on 64-bit ARM platforms. An attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue only affected Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04.
(CVE-2023-1255)
Instructions: After a standard system update you need to reboot your computer to make all
the necessary changes.
Red Hat
openssl: Possible DoS translating ASN.1 object identifiers
vendor_redhat·2023-05-30·CVSS 6.5
CVE-2023-2650 [MEDIUM] CWE-400 openssl: Possible DoS translating ASN.1 object identifiers
openssl: Possible DoS translating ASN.1 object identifiers
Issue summary: Processing some specially crafted ASN.1 object identifiers or
data containing them may be very slow.
Impact summary: Applications that use OBJ_obj2txt() directly, or use any of
the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message
size limit may experience notable to very long delays when processing those
messages, which may lead to a Denial of Service.
An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers -
most of which have no size limit. OBJ_obj2txt() may be used to translate
an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL
type ASN1_OBJECT) to its canonical numeric text form, which are the
sub-identifiers of the OBJECT IDENTIFIER in decimal for
Microsoft
Possible DoS translating ASN.1 object identifiers
vendor_msrc·2023-05-09·CVSS 6.5
CVE-2023-2650 [MEDIUM] CWE-770 Possible DoS translating ASN.1 object identifiers
Possible DoS translating ASN.1 object identifiers
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
openssl: openssl
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.m
Debian
CVE-2023-2650: openssl - Issue summary: Processing some specially crafted ASN.1 object identifiers or dat...
vendor_debian·2023·CVSS 6.5
CVE-2023-2650 [MEDIUM] CVE-2023-2650: openssl - Issue summary: Processing some specially crafted ASN.1 object identifiers or dat...
Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service. An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods. When one of the sub-identifiers in
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.openwall.com/lists/oss-security/2023/05/30/1https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936bhttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422chttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544ahttps://lists.debian.org/debian-lts-announce/2023/06/msg00011.htmlhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009https://security.gentoo.org/glsa/202402-08https://security.netapp.com/advisory/ntap-20230703-0001/https://security.netapp.com/advisory/ntap-20231027-0009/https://www.debian.org/security/2023/dsa-5417https://www.openssl.org/news/secadv/20230530.txthttp://www.openwall.com/lists/oss-security/2023/05/30/1https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936bhttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422chttps://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544ahttps://lists.debian.org/debian-lts-announce/2023/06/msg00011.htmlhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009https://security.gentoo.org/glsa/202402-08https://security.netapp.com/advisory/ntap-20230703-0001/https://security.netapp.com/advisory/ntap-20231027-0009/https://www.debian.org/security/2023/dsa-5417https://www.openssl.org/news/secadv/20230530.txt
2023-05-30
Published