CVE-2023-6237

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-6237
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6237.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-6237
Downstream
Related
Published
2024-04-25T07:15:45Z
Modified
2025-10-21T17:14:48.738907Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Issue summary: Checking excessively long invalid RSA public keys may take a long time.

Impact summary: Applications that use the function EVPPKEYpublic_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service.

When function EVPPKEYpublic_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time.

An application that calls EVPPKEYpublic_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack.

The function EVPPKEYpublic_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.

References

Affected packages

Git / github.com/openssl/openssl

Affected ranges

Type
GIT
Repo
https://github.com/openssl/openssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
0b0f7abfb37350794a4b8960fafc292cd5d1b84d
Fixed
18c02492138d1eb8b6548cb26e7b625fb2414a2a
Fixed
a830f551557d3d66a84bbb18a5b889c640c36294

Affected versions

Other

BEFORE_engine
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6-beta3
OpenSSL_1_1_0-pre1
OpenSSL_1_1_0-pre2
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
master-post-auto-reformat
master-post-reformat
master-pre-auto-reformat
master-pre-reformat

openssl-3.*

openssl-3.0.0
openssl-3.0.0-alpha1
openssl-3.0.0-alpha10
openssl-3.0.0-alpha11
openssl-3.0.0-alpha12
openssl-3.0.0-alpha13
openssl-3.0.0-alpha14
openssl-3.0.0-alpha15
openssl-3.0.0-alpha16
openssl-3.0.0-alpha17
openssl-3.0.0-alpha2
openssl-3.0.0-alpha3
openssl-3.0.0-alpha4
openssl-3.0.0-alpha5
openssl-3.0.0-alpha6
openssl-3.0.0-alpha7
openssl-3.0.0-alpha8
openssl-3.0.0-alpha9
openssl-3.0.0-beta1
openssl-3.0.0-beta2
openssl-3.0.1
openssl-3.0.10
openssl-3.0.11
openssl-3.0.12
openssl-3.0.2
openssl-3.0.3
openssl-3.0.4
openssl-3.0.5
openssl-3.0.6
openssl-3.0.7
openssl-3.0.8
openssl-3.0.9
openssl-3.1.0
openssl-3.1.0-alpha1
openssl-3.1.0-beta1
openssl-3.1.1
openssl-3.1.2
openssl-3.1.3
openssl-3.1.4
openssl-3.2.0
openssl-3.2.0-alpha1
openssl-3.2.0-alpha2
openssl-3.2.0-beta1

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "36262343259786368621085857695218833956",
            "length": 1258.0
        },
        "target": {
            "function": "ossl_rsa_sp800_56b_check_public",
            "file": "crypto/rsa/rsa_sp800_56b_check.c"
        },
        "id": "CVE-2023-6237-07b4356d",
        "source": "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "5799985256469090440161975918621279176",
                "231956326038171660204156138522531293340",
                "72751756268789884712810101003534450503",
                "314070120765545521861021195160721661288",
                "163275361520424784336712083888861921840",
                "80433659035868977858238900915029720241",
                "55330043341397734539339972248704545042",
                "79386981174192347288537193082013598235"
            ]
        },
        "target": {
            "file": "crypto/rsa/rsa_sp800_56b_check.c"
        },
        "id": "CVE-2023-6237-3d282511",
        "source": "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "5799985256469090440161975918621279176",
                "231956326038171660204156138522531293340",
                "72751756268789884712810101003534450503",
                "314070120765545521861021195160721661288",
                "163275361520424784336712083888861921840",
                "80433659035868977858238900915029720241",
                "55330043341397734539339972248704545042",
                "79386981174192347288537193082013598235"
            ]
        },
        "target": {
            "file": "crypto/rsa/rsa_sp800_56b_check.c"
        },
        "id": "CVE-2023-6237-7dd742ac",
        "source": "https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "36262343259786368621085857695218833956",
            "length": 1258.0
        },
        "target": {
            "function": "ossl_rsa_sp800_56b_check_public",
            "file": "crypto/rsa/rsa_sp800_56b_check.c"
        },
        "id": "CVE-2023-6237-8aca94dc",
        "source": "https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "5799985256469090440161975918621279176",
                "231956326038171660204156138522531293340",
                "72751756268789884712810101003534450503",
                "314070120765545521861021195160721661288",
                "163275361520424784336712083888861921840",
                "80433659035868977858238900915029720241",
                "55330043341397734539339972248704545042",
                "79386981174192347288537193082013598235"
            ]
        },
        "target": {
            "file": "crypto/rsa/rsa_sp800_56b_check.c"
        },
        "id": "CVE-2023-6237-98851d99",
        "source": "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "36262343259786368621085857695218833956",
            "length": 1258.0
        },
        "target": {
            "function": "ossl_rsa_sp800_56b_check_public",
            "file": "crypto/rsa/rsa_sp800_56b_check.c"
        },
        "id": "CVE-2023-6237-e95520da",
        "source": "https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294",
        "signature_type": "Function"
    }
]