CVE-2024-4603
- Source
- https://cve.org/CVERecord?id=CVE-2024-4603
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-4603.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-4603
- Downstream
- Related
- Published
- 2024-05-16T16:15:10.643Z
- Modified
- 2026-04-02T12:21:16.410893Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
Issue summary: Checking excessively long DSA keys or parameters may be very slow.
Impact summary: Applications that use the functions EVPPKEYparamcheck() or EVPPKEYpubliccheck() to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.
The functions EVPPKEYparamcheck() or EVPPKEYpubliccheck() perform various checks on DSA parameters. Some of those computations take a long time if the modulus (
pparameter) is too large.Trying to use a very large modulus is slow and OpenSSL will not allow using public keys with a modulus which is over 10,000 bits in length for signature verification. However the key and parameter check functions do not limit the modulus size when performing the checks.
An application that calls EVPPKEYparamcheck() or EVPPKEYpubliccheck() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.
These functions are not called by OpenSSL itself on untrusted DSA keys so only applications that directly call these functions may be vulnerable.
Also vulnerable are the OpenSSL pkey and pkeyparam command line applications when using the
-checkoption.The OpenSSL SSL/TLS implementation is not affected by this issue.
The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.
- References
-
- http://www.openwall.com/lists/oss-security/2024/05/16/2
- https://www.openssl.org/news/secadv/20240516.txt
- https://security.netapp.com/advisory/ntap-20240621-0001/
- https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397
- https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e
- https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d
- https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740
Affected packages
Git / github.com/openssl/openssl
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Type
- GIT
- Repo
- https://github.com/openssl/openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
3.*
3.0-POST-CLANG-FORMAT-WEBKIT
3.0-PRE-CLANG-FORMAT-WEBKIT
3.3-POST-CLANG-FORMAT-WEBKIT
3.3-PRE-CLANG-FORMAT-WEBKIT
3.4-POST-CLANG-FORMAT-WEBKIT
3.4-PRE-CLANG-FORMAT-WEBKIT
3.5-POST-CLANG-FORMAT-WEBKIT
3.5-PRE-CLANG-FORMAT-WEBKIT
3.6-POST-CLANG-FORMAT-WEBKIT
3.6-PRE-CLANG-FORMAT-WEBKIT
4.*
4.0-POST-CLANG-FORMAT-WEBKIT
4.0-PRE-CLANG-FORMAT-WEBKIT
Other
AFTER_COMPAQ_PATCH
BEFORE_COMPAQ_PATCH
BEFORE_engine
BEN_FIPS_TEST_1
BEN_FIPS_TEST_2
BEN_FIPS_TEST_3
BEN_FIPS_TEST_4
BEN_FIPS_TEST_5
BEN_FIPS_TEST_6
BEN_FIPS_TEST_7
BEN_FIPS_TEST_8
FIPS_098_TEST_1
FIPS_098_TEST_2
FIPS_098_TEST_3
FIPS_098_TEST_4
FIPS_098_TEST_5
FIPS_098_TEST_6
FIPS_098_TEST_7
FIPS_098_TEST_8
FIPS_TEST_10
FIPS_TEST_9
LEVITTE_after_const
LEVITTE_before_const
OpenSSL-engine-0_9_6
OpenSSL-engine-0_9_6-beta1
OpenSSL-engine-0_9_6-beta2
OpenSSL-engine-0_9_6-beta3
OpenSSL-engine-0_9_6a
OpenSSL-engine-0_9_6a-beta1
OpenSSL-engine-0_9_6a-beta2
OpenSSL-engine-0_9_6a-beta3
OpenSSL-engine-0_9_6b
OpenSSL-engine-0_9_6c
OpenSSL-engine-0_9_6d
OpenSSL-engine-0_9_6d-beta1
OpenSSL-engine-0_9_6e
OpenSSL-engine-0_9_6f
OpenSSL-engine-0_9_6g
OpenSSL-engine-0_9_6h
OpenSSL-engine-0_9_6i
OpenSSL-engine-0_9_6j
OpenSSL-engine-0_9_6k
OpenSSL-engine-0_9_6l
OpenSSL-engine-0_9_6m
OpenSSL-fips-1_2_0
OpenSSL-fips-1_2_1
OpenSSL-fips-1_2_2
OpenSSL-fips-1_2_3
OpenSSL-fips-2_0
OpenSSL-fips-2_0-pl1
OpenSSL-fips-2_0-rc1
OpenSSL-fips-2_0-rc2
OpenSSL-fips-2_0-rc3
OpenSSL-fips-2_0-rc4
OpenSSL-fips-2_0-rc5
OpenSSL-fips-2_0-rc6
OpenSSL-fips-2_0-rc7
OpenSSL-fips-2_0-rc8
OpenSSL-fips-2_0-rc9
OpenSSL-fips-2_0_1
OpenSSL-fips-2_0_10
OpenSSL-fips-2_0_11
OpenSSL-fips-2_0_12
OpenSSL-fips-2_0_13
OpenSSL-fips-2_0_14
OpenSSL-fips-2_0_15
OpenSSL-fips-2_0_16
OpenSSL-fips-2_0_2
OpenSSL-fips-2_0_3
OpenSSL-fips-2_0_4
OpenSSL-fips-2_0_5
OpenSSL-fips-2_0_6
OpenSSL-fips-2_0_7
OpenSSL-fips-2_0_8
OpenSSL-fips-2_0_9
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta1
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6
OpenSSL_0_9_6-beta1
OpenSSL_0_9_6-beta2
OpenSSL_0_9_6-beta3
OpenSSL_0_9_6a
OpenSSL_0_9_6a-beta1
OpenSSL_0_9_6a-beta2
OpenSSL_0_9_6a-beta3
OpenSSL_0_9_6b
OpenSSL_0_9_6c
OpenSSL_0_9_6d
OpenSSL_0_9_6d-beta1
OpenSSL_0_9_6e
OpenSSL_0_9_6f
OpenSSL_0_9_6g
OpenSSL_0_9_6h
OpenSSL_0_9_6i
OpenSSL_0_9_6j
OpenSSL_0_9_6k
OpenSSL_0_9_6l
OpenSSL_0_9_6m
OpenSSL_0_9_7
OpenSSL_0_9_7-beta1
OpenSSL_0_9_7-beta2
OpenSSL_0_9_7-beta3
OpenSSL_0_9_7-beta4
OpenSSL_0_9_7-beta5
OpenSSL_0_9_7-beta6
OpenSSL_0_9_7a
OpenSSL_0_9_7b
OpenSSL_0_9_7c
OpenSSL_0_9_7d
OpenSSL_0_9_7e
OpenSSL_0_9_7f
OpenSSL_0_9_7g
OpenSSL_0_9_7h
OpenSSL_0_9_7i
OpenSSL_0_9_7j
OpenSSL_0_9_7k
OpenSSL_0_9_7l
OpenSSL_0_9_7m
OpenSSL_0_9_8
OpenSSL_0_9_8-beta1
OpenSSL_0_9_8-beta2
OpenSSL_0_9_8-beta3
OpenSSL_0_9_8-beta4
OpenSSL_0_9_8-beta5
OpenSSL_0_9_8-beta6
OpenSSL_0_9_8-post-auto-reformat
OpenSSL_0_9_8-post-reformat
OpenSSL_0_9_8-pre-auto-reformat
OpenSSL_0_9_8-pre-reformat
OpenSSL_0_9_8a
OpenSSL_0_9_8b
OpenSSL_0_9_8c
OpenSSL_0_9_8d
OpenSSL_0_9_8e
OpenSSL_0_9_8f
OpenSSL_0_9_8g
OpenSSL_0_9_8h
OpenSSL_0_9_8i
OpenSSL_0_9_8j
OpenSSL_0_9_8k
OpenSSL_0_9_8l
OpenSSL_0_9_8m
OpenSSL_0_9_8m-beta1
OpenSSL_0_9_8n
OpenSSL_0_9_8o
OpenSSL_0_9_8p
OpenSSL_0_9_8q
OpenSSL_0_9_8r
OpenSSL_0_9_8s
OpenSSL_0_9_8t
OpenSSL_0_9_8u
OpenSSL_0_9_8v
OpenSSL_0_9_8w
OpenSSL_0_9_8x
OpenSSL_0_9_8y
OpenSSL_0_9_8za
OpenSSL_0_9_8zb
OpenSSL_0_9_8zc
OpenSSL_0_9_8zd
OpenSSL_0_9_8ze
OpenSSL_0_9_8zf
OpenSSL_0_9_8zg
OpenSSL_0_9_8zh
OpenSSL_1_0_0
OpenSSL_1_0_0-beta1
OpenSSL_1_0_0-beta2
OpenSSL_1_0_0-beta3
OpenSSL_1_0_0-beta4
OpenSSL_1_0_0-beta5
OpenSSL_1_0_0-post-auto-reformat
OpenSSL_1_0_0-post-reformat
OpenSSL_1_0_0-pre-auto-reformat
OpenSSL_1_0_0-pre-reformat
OpenSSL_1_0_0a
OpenSSL_1_0_0b
OpenSSL_1_0_0c
OpenSSL_1_0_0d
OpenSSL_1_0_0e
OpenSSL_1_0_0f
OpenSSL_1_0_0g
OpenSSL_1_0_0h
OpenSSL_1_0_0i
OpenSSL_1_0_0j
OpenSSL_1_0_0k
OpenSSL_1_0_0l
OpenSSL_1_0_0m
OpenSSL_1_0_0n
OpenSSL_1_0_0o
OpenSSL_1_0_0p
OpenSSL_1_0_0q
OpenSSL_1_0_0r
OpenSSL_1_0_0s
OpenSSL_1_0_0t
OpenSSL_1_0_1
OpenSSL_1_0_1-beta1
OpenSSL_1_0_1-beta2
OpenSSL_1_0_1-beta3
OpenSSL_1_0_1-post-auto-reformat
OpenSSL_1_0_1-post-reformat
OpenSSL_1_0_1-pre-auto-reformat
OpenSSL_1_0_1-pre-reformat
OpenSSL_1_0_1a
OpenSSL_1_0_1b
OpenSSL_1_0_1c
OpenSSL_1_0_1d
OpenSSL_1_0_1e
OpenSSL_1_0_1f
OpenSSL_1_0_1g
OpenSSL_1_0_1h
OpenSSL_1_0_1i
OpenSSL_1_0_1j
OpenSSL_1_0_1k
OpenSSL_1_0_1l
OpenSSL_1_0_1m
OpenSSL_1_0_1n
OpenSSL_1_0_1o
OpenSSL_1_0_1p
OpenSSL_1_0_1q
OpenSSL_1_0_1r
OpenSSL_1_0_1s
OpenSSL_1_0_1t
OpenSSL_1_0_1u
OpenSSL_1_0_2
OpenSSL_1_0_2-beta1
OpenSSL_1_0_2-beta2
OpenSSL_1_0_2-beta3
OpenSSL_1_0_2-post-auto-reformat
OpenSSL_1_0_2-post-reformat
OpenSSL_1_0_2-pre-auto-reformat
OpenSSL_1_0_2-pre-reformat
OpenSSL_1_0_2a
OpenSSL_1_0_2b
OpenSSL_1_0_2c
OpenSSL_1_0_2d
OpenSSL_1_0_2e
OpenSSL_1_0_2f
OpenSSL_1_0_2g
OpenSSL_1_0_2h
OpenSSL_1_0_2i
OpenSSL_1_0_2j
OpenSSL_1_0_2k
OpenSSL_1_0_2l
OpenSSL_1_0_2m
OpenSSL_1_0_2n
OpenSSL_1_0_2o
OpenSSL_1_0_2p
OpenSSL_1_0_2q
OpenSSL_1_0_2r
OpenSSL_1_0_2s
OpenSSL_1_0_2t
OpenSSL_1_0_2u
OpenSSL_1_1_0
OpenSSL_1_1_0-pre1
OpenSSL_1_1_0-pre2
OpenSSL_1_1_0-pre3
OpenSSL_1_1_0-pre4
OpenSSL_1_1_0-pre5
OpenSSL_1_1_0-pre6
OpenSSL_1_1_0a
OpenSSL_1_1_0b
OpenSSL_1_1_0c
OpenSSL_1_1_0d
OpenSSL_1_1_0e
OpenSSL_1_1_0f
OpenSSL_1_1_0g
OpenSSL_1_1_0h
OpenSSL_1_1_0i
OpenSSL_1_1_0j
OpenSSL_1_1_0k
OpenSSL_1_1_0l
OpenSSL_1_1_1
OpenSSL_1_1_1-pre1
OpenSSL_1_1_1-pre2
OpenSSL_1_1_1-pre3
OpenSSL_1_1_1-pre4
OpenSSL_1_1_1-pre5
OpenSSL_1_1_1-pre6
OpenSSL_1_1_1-pre7
OpenSSL_1_1_1-pre8
OpenSSL_1_1_1-pre9
OpenSSL_1_1_1a
OpenSSL_1_1_1b
OpenSSL_1_1_1c
OpenSSL_1_1_1d
OpenSSL_1_1_1e
OpenSSL_1_1_1f
OpenSSL_1_1_1g
OpenSSL_1_1_1h
OpenSSL_1_1_1i
OpenSSL_1_1_1j
OpenSSL_1_1_1k
OpenSSL_1_1_1l
OpenSSL_1_1_1m
OpenSSL_1_1_1n
OpenSSL_1_1_1o
OpenSSL_1_1_1p
OpenSSL_1_1_1q
OpenSSL_1_1_1r
OpenSSL_1_1_1s
OpenSSL_1_1_1t
OpenSSL_1_1_1u
OpenSSL_1_1_1v
OpenSSL_1_1_1w
OpenSSL_FIPS_1_0
SSLeay_0_8_1b
SSLeay_0_9_0b
SSLeay_0_9_1b
STATE_after_zlib
STATE_before_zlib
master-post-auto-reformat
master-post-reformat
master-pre-auto-reformat
master-pre-reformat
rsaref
openssl-3.*
openssl-3.0.0
openssl-3.0.0-alpha1
openssl-3.0.0-alpha10
openssl-3.0.0-alpha11
openssl-3.0.0-alpha12
openssl-3.0.0-alpha13
openssl-3.0.0-alpha14
openssl-3.0.0-alpha15
openssl-3.0.0-alpha16
openssl-3.0.0-alpha17
openssl-3.0.0-alpha2
openssl-3.0.0-alpha3
openssl-3.0.0-alpha4
openssl-3.0.0-alpha5
openssl-3.0.0-alpha6
openssl-3.0.0-alpha7
openssl-3.0.0-alpha8
openssl-3.0.0-alpha9
openssl-3.0.0-beta1
openssl-3.0.0-beta2
openssl-3.0.1
openssl-3.0.10
openssl-3.0.11
openssl-3.0.12
openssl-3.0.13
openssl-3.0.14
openssl-3.0.15
openssl-3.0.16
openssl-3.0.17
openssl-3.0.18
openssl-3.0.19
openssl-3.0.2
openssl-3.0.3
openssl-3.0.4
openssl-3.0.5
openssl-3.0.6
openssl-3.0.7
openssl-3.0.8
openssl-3.0.9
openssl-3.1.0
openssl-3.1.0-alpha1
openssl-3.1.0-beta1
openssl-3.1.1
openssl-3.1.2
openssl-3.1.3
openssl-3.1.4
openssl-3.1.5
openssl-3.1.6
openssl-3.1.7
openssl-3.1.8
openssl-3.2.0
openssl-3.2.0-alpha1
openssl-3.2.0-alpha2
openssl-3.2.0-beta1
openssl-3.2.1
openssl-3.2.2
openssl-3.2.3
openssl-3.2.4
openssl-3.2.5
openssl-3.2.6
openssl-3.3.0
openssl-3.3.0-alpha1
openssl-3.3.0-beta1
openssl-3.3.1
openssl-3.3.2
openssl-3.3.3
openssl-3.3.4
openssl-3.3.5
openssl-3.3.6
openssl-3.4.0
openssl-3.4.0-alpha1
openssl-3.4.0-beta1
openssl-3.4.1
openssl-3.4.2
openssl-3.4.3
openssl-3.4.4
openssl-3.5.0
openssl-3.5.0-alpha1
openssl-3.5.0-beta1
openssl-3.5.1
openssl-3.5.2
openssl-3.5.3
openssl-3.5.4
openssl-3.5.5
openssl-3.6.0
openssl-3.6.0-alpha1
openssl-3.6.0-beta1
openssl-3.6.1
openssl-4.*
openssl-4.0.0-alpha1
openssl-4.0.0-beta1
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-0f1dc7ae",
"target": {
"function": "ossl_dsa_check_pub_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "307444583308020639014663628111494753137",
"length": 301.0
},
"id": "CVE-2024-4603-27dbfa1b",
"target": {
"function": "ossl_dsa_check_params",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "63303990667448414431624506292711823034",
"length": 187.0
},
"id": "CVE-2024-4603-287eb402",
"target": {
"function": "ossl_dsa_check_priv_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "236650307775533617446147756765254676295",
"length": 521.0
},
"id": "CVE-2024-4603-302cbd02",
"target": {
"function": "ossl_dsa_check_pairwise",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "236650307775533617446147756765254676295",
"length": 521.0
},
"id": "CVE-2024-4603-32202760",
"target": {
"function": "ossl_dsa_check_pairwise",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "307444583308020639014663628111494753137",
"length": 301.0
},
"id": "CVE-2024-4603-4187310f",
"target": {
"function": "ossl_dsa_check_params",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"243150946184705416718670416235183356916",
"180349981022369179925439192885659650714",
"8106935018977536703215056308323611634",
"137549371667215865797354773677897919745",
"178836937939992247904524348378080056735",
"278097579510097664881660522629381390399",
"90181849990248972169943799142956395004",
"74978584338083252776430056065644879326",
"76169492372411342605408504353923724513",
"55983040006459865879982821551074916929",
"326410872419412397963066451556847399168",
"83139677653707575113776342785214859276",
"328344147515312161050901724342349399519",
"12296000804367969784194674287167751474",
"213080590428735873312882663715853986836",
"18090696423168841971202238792296069525",
"249365869365766579695386042359288790320",
"159149726014041690445969824550432676451",
"256845625190901066519403965942137550781",
"131307540412419780483250265659272263156",
"312611335098158983336659862104821095064",
"128039915356107327974349445235373709199",
"32274130780543847983305058081411750891"
]
},
"id": "CVE-2024-4603-47776a39",
"target": {
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "236650307775533617446147756765254676295",
"length": 521.0
},
"id": "CVE-2024-4603-4dbed64f",
"target": {
"function": "ossl_dsa_check_pairwise",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "307444583308020639014663628111494753137",
"length": 301.0
},
"id": "CVE-2024-4603-6b2b3cbf",
"target": {
"function": "ossl_dsa_check_params",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"243150946184705416718670416235183356916",
"180349981022369179925439192885659650714",
"8106935018977536703215056308323611634",
"137549371667215865797354773677897919745",
"178836937939992247904524348378080056735",
"278097579510097664881660522629381390399",
"90181849990248972169943799142956395004",
"74978584338083252776430056065644879326",
"76169492372411342605408504353923724513",
"55983040006459865879982821551074916929",
"326410872419412397963066451556847399168",
"83139677653707575113776342785214859276",
"328344147515312161050901724342349399519",
"12296000804367969784194674287167751474",
"213080590428735873312882663715853986836",
"18090696423168841971202238792296069525",
"249365869365766579695386042359288790320",
"159149726014041690445969824550432676451",
"256845625190901066519403965942137550781",
"131307540412419780483250265659272263156",
"312611335098158983336659862104821095064",
"128039915356107327974349445235373709199",
"32274130780543847983305058081411750891"
]
},
"id": "CVE-2024-4603-6f6a722b",
"target": {
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"243150946184705416718670416235183356916",
"180349981022369179925439192885659650714",
"8106935018977536703215056308323611634",
"137549371667215865797354773677897919745",
"178836937939992247904524348378080056735",
"278097579510097664881660522629381390399",
"90181849990248972169943799142956395004",
"74978584338083252776430056065644879326",
"76169492372411342605408504353923724513",
"55983040006459865879982821551074916929",
"326410872419412397963066451556847399168",
"83139677653707575113776342785214859276",
"328344147515312161050901724342349399519",
"12296000804367969784194674287167751474",
"213080590428735873312882663715853986836",
"18090696423168841971202238792296069525",
"249365869365766579695386042359288790320",
"159149726014041690445969824550432676451",
"256845625190901066519403965942137550781",
"131307540412419780483250265659272263156",
"312611335098158983336659862104821095064",
"128039915356107327974349445235373709199",
"32274130780543847983305058081411750891"
]
},
"id": "CVE-2024-4603-768ad877",
"target": {
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "63303990667448414431624506292711823034",
"length": 187.0
},
"id": "CVE-2024-4603-80202d0f",
"target": {
"function": "ossl_dsa_check_priv_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-98fe2189",
"target": {
"function": "ossl_dsa_check_pub_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-9aa2870f",
"target": {
"function": "ossl_dsa_check_pub_key_partial",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-a4ba5364",
"target": {
"function": "ossl_dsa_check_pub_key_partial",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "63303990667448414431624506292711823034",
"length": 187.0
},
"id": "CVE-2024-4603-a5c9e065",
"target": {
"function": "ossl_dsa_check_priv_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-b1dd08ad",
"target": {
"function": "ossl_dsa_check_pub_key_partial",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-c032044a",
"target": {
"function": "ossl_dsa_check_pub_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "236650307775533617446147756765254676295",
"length": 521.0
},
"id": "CVE-2024-4603-c2f70c2e",
"target": {
"function": "ossl_dsa_check_pairwise",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/da343d0605c826ef197aceedc67e8e04f065f740",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-c98162c3",
"target": {
"function": "ossl_dsa_check_pub_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/3559e868e58005d15c6013a0c1fd832e51c73397",
"signature_type": "Line",
"deprecated": false,
"digest": {
"threshold": 0.9,
"line_hashes": [
"243150946184705416718670416235183356916",
"180349981022369179925439192885659650714",
"8106935018977536703215056308323611634",
"137549371667215865797354773677897919745",
"178836937939992247904524348378080056735",
"278097579510097664881660522629381390399",
"90181849990248972169943799142956395004",
"74978584338083252776430056065644879326",
"76169492372411342605408504353923724513",
"55983040006459865879982821551074916929",
"326410872419412397963066451556847399168",
"83139677653707575113776342785214859276",
"328344147515312161050901724342349399519",
"12296000804367969784194674287167751474",
"213080590428735873312882663715853986836",
"18090696423168841971202238792296069525",
"249365869365766579695386042359288790320",
"159149726014041690445969824550432676451",
"256845625190901066519403965942137550781",
"131307540412419780483250265659272263156",
"312611335098158983336659862104821095064",
"128039915356107327974349445235373709199",
"32274130780543847983305058081411750891"
]
},
"id": "CVE-2024-4603-cb9b89a3",
"target": {
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "63303990667448414431624506292711823034",
"length": 187.0
},
"id": "CVE-2024-4603-de0add79",
"target": {
"function": "ossl_dsa_check_priv_key",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/9c39b3858091c152f52513c066ff2c5a47969f0d",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "219663322568032758739344610759529853203",
"length": 152.0
},
"id": "CVE-2024-4603-defd9f3b",
"target": {
"function": "ossl_dsa_check_pub_key_partial",
"file": "crypto/dsa/dsa_check.c"
}
},
{
"signature_version": "v1",
"source": "https://github.com/openssl/openssl/commit/53ea06486d296b890d565fb971b2764fcd826e7e",
"signature_type": "Function",
"deprecated": false,
"digest": {
"function_hash": "307444583308020639014663628111494753137",
"length": 301.0
},
"id": "CVE-2024-4603-e6a5924e",
"target": {
"function": "ossl_dsa_check_params",
"file": "crypto/dsa/dsa_check.c"
}
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-4603.json"