Rapid7 Vulnerability & Exploit Database

Amazon Linux AMI 2: CVE-2023-0464: Security patch for edk2, openssl, openssl-snapsafe, openssl11 (Multiple Advisories)

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Amazon Linux AMI 2: CVE-2023-0464: Security patch for edk2, openssl, openssl-snapsafe, openssl11 (Multiple Advisories)

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

03/22/2023

Created

05/17/2023

Added

05/17/2023

Modified

03/19/2024

Description

A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. Policy processing is disabled by default but can be enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function.

Solution(s)

amazon-linux-ami-2-upgrade-edk2-aarch64
amazon-linux-ami-2-upgrade-edk2-debuginfo
amazon-linux-ami-2-upgrade-edk2-ovmf
amazon-linux-ami-2-upgrade-edk2-tools
amazon-linux-ami-2-upgrade-edk2-tools-doc
amazon-linux-ami-2-upgrade-edk2-tools-python
amazon-linux-ami-2-upgrade-openssl
amazon-linux-ami-2-upgrade-openssl-debuginfo
amazon-linux-ami-2-upgrade-openssl-devel
amazon-linux-ami-2-upgrade-openssl-libs
amazon-linux-ami-2-upgrade-openssl-perl
amazon-linux-ami-2-upgrade-openssl-snapsafe
amazon-linux-ami-2-upgrade-openssl-snapsafe-debuginfo
amazon-linux-ami-2-upgrade-openssl-snapsafe-devel
amazon-linux-ami-2-upgrade-openssl-snapsafe-libs
amazon-linux-ami-2-upgrade-openssl-snapsafe-perl
amazon-linux-ami-2-upgrade-openssl-snapsafe-static
amazon-linux-ami-2-upgrade-openssl-static
amazon-linux-ami-2-upgrade-openssl11
amazon-linux-ami-2-upgrade-openssl11-debuginfo
amazon-linux-ami-2-upgrade-openssl11-devel
amazon-linux-ami-2-upgrade-openssl11-libs
amazon-linux-ami-2-upgrade-openssl11-static

References

https://attackerkb.com/topics/cve-2023-0464
AL2/ALAS-2023-2039
AL2/ALAS-2023-2073
AL2/ALAS-2024-2502
AL2/ALASOPENSSL-SNAPSAFE-2023-002
CVE - 2023-0464

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Amazon Linux AMI 2: CVE-2023-0464: Security patch for edk2, openssl, openssl-snapsafe, openssl11 (Multiple Advisories)

Amazon Linux AMI 2: CVE-2023-0464: Security patch for edk2, openssl, openssl-snapsafe, openssl11 (Multiple Advisories)

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.