Kunpeng BoostKit 22.0.0.SPC5
Python CVE-2023-24329 vulnerability
Trouble Ticket No. |
DTS: DTS2023022800343 Vulnerability ID: HWPSIRT-2023-87253 |
|---|---|
Symptom |
The product involves a security vulnerability in Python 3.9.11. The external CVE number is CVE-2023-24329. An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters. |
Severity |
Major |
Root Cause |
Python 3.9.11 used by the product has the CVE-2023-24329 vulnerability. |
Solution |
Use the Python software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of Python used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2023-24329 vulnerability, the vulnerability has been fixed. |
OpenSSL CVE-2023-0466 Vulnerability
Trouble Ticket No. |
DTS: DTS2023032900875 Vulnerability ID: HWPSIRT-2023-01784 |
|---|---|
Symptom |
The product involves a security vulnerability in OpenSSL 1.1.1n. The external CVE number is CVE-2023-0466. The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However, the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification. |
Severity |
Minor |
Root Cause |
OpenSSL 1.1.1n used by the product has the CVE-2023-0466 vulnerability. |
Solution |
Use the OpenSSL software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of OpenSSL 1.1.1n used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2023-0466 vulnerability, the vulnerability has been fixed. |
OpenSSL CVE-2023-0465 Vulnerability
Trouble Ticket No. |
DTS: DTS2023032900875 Vulnerability ID: HWPSIRT-2023-59373 |
|---|---|
Symptom |
The product involves a security vulnerability in OpenSSL 1.1.1n. The external CVE number is CVE-2023-0465. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether. |
Severity |
Minor |
Root Cause |
OpenSSL 1.1.1n used by the product has the CVE-2023-0465 vulnerability. |
Solution |
Use the OpenSSL software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of OpenSSL 1.1.1n used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2023-0465 vulnerability, the vulnerability has been fixed. |
OpenSSL CVE-2023-0464 Vulnerability
Trouble Ticket No. |
DTS: DTS2023032300520 Vulnerability ID: HWPSIRT-2023-10355 |
|---|---|
Symptom |
The product involves a security vulnerability in OpenSSL 1.1.1n. The external CVE number is CVE-2023-0464. A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems. |
Severity |
Minor |
Root Cause |
OpenSSL 1.1.1n used by the product has the CVE-2023-0464 vulnerability. |
Solution |
Use the OpenSSL software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of OpenSSL 1.1.1n used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2023-0464 vulnerability, the vulnerability has been fixed. |
OpenSSL CVE-2023-0215 Vulnerability
Trouble Ticket No. |
DTS: DTS2023020815039 Vulnerability ID: HWPSIRT-2023-62461 |
|---|---|
Symptom |
The product involves a security vulnerability in OpenSSL 1.1.1n. The external CVE number is CVE-2023-0215 This scenario occurs directly in the internal function B64_write_ASN1() which may cause BIO_new_NDEF() to be called and will subsequently call BIO_pop() on the BIO. Other public API functions that may be impacted by this include i2d_ASN1_bio_stream, BIO_new_CMS, BIO_new_PKCS7, i2d_CMS_bio_stream,and i2d_PKCS7_bio_stream. |
Severity |
Major |
Root Cause |
OpenSSL 1.1.1n used by the product has the CVE-2023-0215 vulnerability. |
Solution |
Use the OpenSSL software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of OpenSSL 1.1.1n used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2023-0215 vulnerability, the vulnerability has been fixed. |
OpenSSL CVE-2022-4304 Vulnerability
Trouble Ticket No. |
DTS: DTS2023020815039 Vulnerability ID: HWPSIRT-2023-25691 |
|---|---|
Symptom |
The product involves a security vulnerability in OpenSSL 1.1.1n. The external CVE number is CVE-2022-4304. A timing-based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. |
Severity |
Major |
Root Cause |
OpenSSL 1.1.1n used by the product has the CVE-2022-4304 vulnerability. |
Solution |
Use the OpenSSL software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of OpenSSL 1.1.1n used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2022-4304 vulnerability, the vulnerability has been fixed. |
OpenSSL CVE-2023-0286 Vulnerability
Trouble Ticket No. |
DTS: DTS2023020815039 Vulnerability ID: HWPSIRT-2023-46765 |
|---|---|
Symptom |
The product involves a security vulnerability in OpenSSL 1.1.1n. The external CVE number is CVE-2023-0286. There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. This vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network. |
Severity |
Major |
Root Cause |
OpenSSL 1.1.1n used by the product has the CVE-2023-0286 vulnerability. |
Solution |
Use the OpenSSL software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of OpenSSL 1.1.1n used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2023-0286 vulnerability, the vulnerability has been fixed. |
OpenSSL CVE-2022-4450 Vulnerability
Trouble Ticket No. |
DTS: DTS2023020815039 Vulnerability ID: HWPSIRT-2023-92182 |
|---|---|
Symptom |
The product involves a security vulnerability in OpenSSL 1.1.1n. The external CVE number is CVE-2022-4450. When the function PEM_read_bio_ex() reads a PEM file from a BIO, it is possible to construct a PEM file that results in 0 bytes of payload data. In this case PEM_read_bio_ex() will return a failure code but will populate the header argument with a pointer to a buffer that has already been freed. If the caller also frees this buffer then a double free will occur. Other OpenSSL functions including PEM_read_bio(), PEM_read(), PEM_X509_INFO_read_bio_ex(), and SSL_CTX_use_serverinfo_file() are also vulnerable. |
Severity |
Major |
Root Cause |
OpenSSL 1.1.1n used by the product has the CVE-2022-4450 vulnerability. |
Solution |
Use the OpenSSL software in which this vulnerability has been fixed. |
Impact |
None |
Test Suggestion |
Obtain the tag of OpenSSL 1.1.1n used for version build and compare it with the vulnerability fix list of the tag. If the list contains the CVE-2022-4450 vulnerability, the vulnerability has been fixed. |