OpenSSL developers have released a major security update that closes at least eight documented bugs that exposed OpenSSL users to the risk of attack.
The most serious of the fixed vulnerabilities is CVE-2023-0286, a type confusion bug. It allowed an attacker to read the contents of memory or cause a denial of service.
OpenSSL gave this vulnerability a high severity rating, but stressed that the bug is likely to affect only applications that implement their own functions for obtaining CRLs over the network.
Other issues include the side-channel vulnerability CVE-2022-4304 in OpenSSL's RSA decryption implementation. Exploiting it could allow an attacker to recover the plaintext of data transmitted over the network, in the style of a Bleichenbacher attack.
In addition, a heap buffer overflow during X.509 certificate validation (CVE-2022-4203) could cause a crash, resulting in a denial of service.
Organizations using OpenSSL versions 3.0, 1.1.1, and 1.0.2 are strongly encouraged to install patches as soon as possible.
It is also worth noting that this week a critical vulnerability in OpenSSH was fixed. It received the identifier CVE-2023-25136 and scored 9.1 out of 10 on the CVSS vulnerability rating scale.
The bug was introduced in OpenSSH 9.1 and is reachable without authentication; it is a double free in the unprivileged sshd process. Such errors can cause memory corruption, which in turn can lead to a crash or arbitrary code execution.
Users are advised to upgrade to OpenSSH 9.2 as soon as possible to mitigate potential risks.
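As an added example, not code from the article or from either project, here is a small Python check that parses the banner `ssh -V` prints and answers the two questions these advisories raise for an operator: is the host running OpenSSH 9.1, and does the linked OpenSSL belong to the 3.0, 1.1.1 or 1.0.2 branch. The sample banners are constructed, the function names `parse_banner`, `assess` and `local_banner` are chosen here, and LibreSSL-linked builds and the separate system `openssl` binary are not covered.

```python
import re
import subprocess
# Constructed sample banners in the `ssh -V` format (printed to stderr); not from any real host.
SAMPLE_BANNERS = [
    "OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022",
    "OpenSSH_9.2p1 Debian-2, OpenSSL 3.0.8 7 Feb 2023",
    "OpenSSH_8.9p1 Ubuntu-3, OpenSSL 1.1.1t  7 Feb 2023",
]
BANNER_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:p\d+)?[^,]*,\s*OpenSSL\s+(\d+)\.(\d+)\.(\d+)")
AFFECTED_OPENSSL_BRANCHES = {"3.0", "1.1.1", "1.0.2"}  # branches named in the article

def parse_banner(banner):
    """Return ((ssh_major, ssh_minor), openssl_branch), or None if the banner is unrecognised."""
    m = BANNER_RE.search(banner)
    if not m:
        return None
    # OpenSSL 3.x branches are named major.minor; 1.x branches use all three numbers.
    branch = f"{m[3]}.{m[4]}" if int(m[3]) >= 3 else f"{m[3]}.{m[4]}.{m[5]}"
    return (int(m[1]), int(m[2])), branch

def assess(banner):
    """Map one banner to the two questions an operator needs answered after these advisories."""
    parsed = parse_banner(banner)
    if parsed is None:
        return {"parsed": False}
    ssh_ver, branch = parsed
    return {
        "parsed": True,
        "openssh": f"{ssh_ver[0]}.{ssh_ver[1]}",
        # CVE-2023-25136 was introduced in 9.1 and fixed in 9.2: only 9.1 needs action.
        "openssh_cve_2023_25136": ssh_ver == (9, 1),
        "openssl_branch": branch,
        # True means the host must be on this branch's patched release (numbers are in the OpenSSL advisory).
        "openssl_branch_in_advisory": branch in AFFECTED_OPENSSL_BRANCHES,
    }

def local_banner():
    """Run `ssh -V` on this host; returns None when ssh is not installed."""
    try:
        out = subprocess.run(["ssh", "-V"], capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return None
    return (out.stderr or out.stdout).strip()

if __name__ == "__main__":
    banner = local_banner()
    for b in ([banner] if banner else []) + SAMPLE_BANNERS:
        print(b, "->", assess(b))
```

The OpenSSL shown here is the library ssh was built against, so the system `openssl version` output should be checked separately against the advisory's patched release numbers.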