CVE-2023-0286: A Type Confusion Vulnerability Possibly Affecting Applications with Custom CRL Retrieval Functionality

CVE-2023-0286 refers to a type confusion vulnerability that is associated with the handling of X.400 addresses in the X.509 GeneralName structure. X.400 addresses are used as part of the X.509 certificate format, which is commonly employed in SSL/TLS connections. The issue in this case arises due to the incorrect typing of a data structure in the OpenSSL library, which might potentially lead to information disclosure or even a denial of service in certain scenarios.

Vulnerability Details

The problem centers around a discrepancy between the parsing and handling of X.400 addresses in the OpenSSL library. When an X.400 address is parsed, it is treated as an ASN1_STRING. However, the public structure definition for the GENERAL_NAME structure specifies the x400Address field as an ASN1_TYPE. This leads to a situation where the GENERAL_NAME_cmp function incorrectly assesses the x400Address field as an ASN1_TYPE instead of an ASN1_STRING.

The vulnerability specifically manifests itself when the application has the X509_V_FLAG_CRL_CHECK flag enabled, signalling that CRL checking should be performed. In this case, exploitation would involve an attacker passing arbitrary pointers to a memcmp call, possibly resulting in the leakage of memory contents or causing a denial of service.

The application has CRL checking enabled.

2. The attacker can provide both an attacker-controlled certificate chain and CRL (both need not have a valid signature).
3. If the attacker controls only one of these inputs, the other must contain an X.400 address as a CRL distribution point – a rare occurrence.

The third condition considerably narrows down the scope of this vulnerability, making it most relevant for applications that have implemented custom CRL retrieval functionalities across a network.

Code Snippet

The vulnerability is found in the crypto/x509_vfy.c file of the OpenSSL library.

static int GENERAL_NAME_cmp(const GENERAL_NAME *a, const GENERAL_NAME *b)
{
...
    case GEN_X400:
        /* X400Address needs special treatment: it is ASN1_TYPE, not
         * ASN1_STRING. */
        return ASN1_TYPE_cmp(a->d.x400Address, b->d.x400Address);
...
}

Original References

- OpenSSL Security Advisory: The official announcement detailing the vulnerability, its impact and proposed mitigation measures.
- CVE-2023-0286: The MITRE CVE record for this vulnerability.

Exploit Details

At this moment, there are no known exploits available. However, the mitigation suggested by OpenSSL is to upgrade to OpenSSL 3..2 or OpenSSL 1.1.1n, which contain the necessary patch to address this issue.

Conclusion

CVE-2023-0286 is a type confusion vulnerability in OpenSSL's handling of X.400 addresses within X.509 GeneralName structures. The impact of this vulnerability is limited to applications with custom CRL retrieval functionalities that also satisfy the specific conditions outlined above. Updating to the latest OpenSSL version is recommended to mitigate any potential risk associated with this issue.

Timeline

Published on: 02/08/2023 20:15:00 UTC
Last modified on: 03/27/2023 19:15:00 UTC