CVE CyberSecurity Database News

CVE-2023-0217 - Crashing Unprotected Applications with Malformed DSA Keys

Poster -

In early 2023, a critical vulnerability—CVE-2023-0217—was discovered in the popular cryptographic library OpenSSL. This vulnerability involves an invalid pointer dereference occurring when applications use the EVP_PKEY_public_check() function to validate specially crafted (malformed) DSA public keys. The result? Any application doing extra key checks with OpenSSL on untrusted input is at risk of crashing, potentially opening the door to easy Denial-of-Service (DoS) attacks.

This post will break down what the vulnerability is, how it happens, and how attackers could exploit it. We’ll provide code snippets and point you to additional resources—all in clear, simple language so you can understand and protect your systems.

The function at the heart of CVE-2023-0217 is

int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx);

This function is meant to verify the validity of a public key. Some applications use it as a security step, especially in regulated environments (like those requiring FIPS 140-3 compliance).

The Problem

If you give this function a malformed DSA public key, it can read an invalid pointer, which leads to access of memory it shouldn’t touch—eventually, the application just crashes.

The TLS implementation inside OpenSSL does not call this function by default. But if your app does extra checks (like for FIPS 140-3), you might be calling it, possibly with user-supplied data.

Exploit Scenario: How Can This Go Wrong?

Let’s imagine you’re running a server that lets users upload DSA public keys for authentication or for digital signatures. You want to be extra secure, so you run EVP_PKEY_public_check() on each incoming key.

Step 1: Attacker sends a Malformed Key

An attacker crafts a bad DSA public key—one that specifically abuses the weakness that triggers the invalid pointer dereference.

Your code, thinking it’s being careful, calls

int valid = EVP_PKEY_public_check(ctx);

During this check, the vulnerability is triggered.

Step 3: Dereference and Crash

When OpenSSL tries to access the malformed key’s data, it reads memory it shouldn’t. In most cases, this instantly crashes the hosting application.

Result: Denial of Service

If your public-facing API, authentication system, or any critical piece of your infrastructure crashes, users are locked out or service is interrupted.

Simple Exploit Example (For Reference Only!)

Below is a short C code example to illustrate the process. We don’t show malformed key generation details for safety, but you can see the general structure:

#include <openssl/evp.h>
#include <openssl/pem.h>
#include <stdio.h>
#include <stdlib.h>

int main() {
    FILE *fp = fopen("malformed_dsa_key.pem", "r");
    if (!fp) {
        perror("Cannot open PEM file");
        return 1;
    }

    EVP_PKEY *pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
    fclose(fp);

    if (!pkey) {
        fprintf(stderr, "Failed to load public key!\n");
        return 2;
    }

    EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new(pkey, NULL);
    if (!ctx) {
        fprintf(stderr, "Failed to create PKEY_CTX!\n");
        EVP_PKEY_free(pkey);
        return 3;
    }

    int valid = EVP_PKEY_public_check(ctx); // <- Vulnerable to invalid pointer dereference!

    if (valid == 1)
        printf("Key is valid.\n");
    else
        printf("Key is INVALID or caused a crash.\n");

    EVP_PKEY_CTX_free(ctx);
    EVP_PKEY_free(pkey);

    return ;
}

If the "malformed_dsa_key.pem" is maliciously crafted, the above code can cause the app to crash.

Official Advisories and Sources

- OpenSSL Security Advisory (CVE-2023-0217)
- NIST NVD CVE-2023-0217
- GitHub OpenSSL Patch Diff

Upgrade OpenSSL: Patch today. Versions 3..8+ and 1.1.1u+ fix this vulnerability.

2. Validate Input: Don’t trust public keys from untrusted sources. Add additional input sanitization.
3. Monitor Crash Reports: If you see sudden, unexplained crashes in apps that process public keys, investigate for this CVE.

Final Thoughts

CVE-2023-0217 shows that even well-intentioned extra security can open up dangerous holes when libraries are used with untrusted data. If you’re validating public keys, especially DSA ones, make sure your OpenSSL is up to date and analyze how you handle user-supplied material.

Stay secure and practice defense in depth!

*Post exclusive for educational purposes. Don’t attempt to exploit this or any vulnerability without legal permission.*

Timeline

Published on: 02/08/2023 20:15:00 UTC
Last modified on: 02/24/2023 15:15:00 UTC