An OpenSSL vulnerability (CVE-2024-4603) has been discovered involving excessively long Digital Signature Algorithm (DSA) keys or parameters that can result in slow performance, potentially leading to a Denial of Service (DoS) for applications that use the OpenSSL functions EVP_PKEY_param_check() or EVP_PKEY_public_check() to validate a DSA public key or DSA parameters.

Impact Summary: Applications Using OpenSSL Functions at Risk for DoS

When an application uses the OpenSSL functions EVP_PKEY_param_check() and EVP_PKEY_public_check() to verify a DSA public key or DSA parameters, the computations associated with these checks may take a significant amount of time if the modulus (p parameter) is excessively large. As a result, the application may slow down or become unresponsive, making it susceptible to a DoS attack when processing DSA keys or parameters obtained from an untrusted source.

Although OpenSSL refuses to use public keys with a modulus larger than 10,000 bits for signature verification, the key and parameter check functions do not apply any modulus size limit when performing their checks. Consequently, any application that calls the vulnerable functions with an excessively large key or parameters obtained from an untrusted source is exposed to a DoS attack.

OpenSSL itself does not call these functions on untrusted DSA keys, and therefore this issue only affects applications that directly use the affected functions. The OpenSSL command-line applications pkey and pkeyparam are also vulnerable when using the -check option. However, the OpenSSL SSL/TLS implementation remains unaffected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are impacted by this vulnerability.

Original References: OpenSSL Security Advisory

The official OpenSSL Security Advisory link provides details on the CVE-2024-4603 vulnerability and its potential impacts.

Affected applications make use of the following OpenSSL functions:

EVP_PKEY_param_check()
EVP_PKEY_public_check()

In the case of an excessively large DSA key or parameters, the checks performed by these functions will become very slow, leading to the potential for a DoS attack.

Exploit Details: DoS Attack

An attacker could exploit this vulnerability by crafting a DSA key or parameters and injecting them into an application that uses the affected OpenSSL functions. Once the key or parameters are processed, the excessive computational resources required to perform the checks may render the application unresponsive, leading to a DoS attack.

To mitigate this vulnerability, it is essential to limit the maximum size of the DSA keys or parameters that an application will process. By ensuring that input keys or parameters come from trusted sources and adhering to the 10,000-bit modulus size limitation, applications can reduce the risk of a DoS attack resulting from this OpenSSL vulnerability.
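As an added example (not code from the advisory or from the OpenSSL project), the following Python pre-screens a DSA SubjectPublicKeyInfo or bare Dss-Parms DER blob and refuses anything whose modulus p exceeds a size cap before the bytes are ever handed to EVP_PKEY_param_check() or EVP_PKEY_public_check(). The 10,000-bit cap, the helper names and the constructed DER builders are assumptions made for this example.

```python
DSA_MAX_MODULUS_BITS = 10000                       # policy cap; mirrors OpenSSL's 10,000-bit verify limit
OID_DSA = bytes.fromhex("2a8648ce380401")          # id-dsa, 1.2.840.10040.4.1

def _tlv(buf, pos):
    """Read one DER TLV header at buf[pos]; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                              # long form: next n bytes hold the length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def dsa_modulus_bits(der):
    """Bit length of p from a DSA SubjectPublicKeyInfo or a bare Dss-Parms SEQUENCE."""
    tag, start, _ = _tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    tag, s, e = _tlv(der, start)
    if tag == 0x30:                                # SPKI: AlgorithmIdentifier comes first
        oid_tag, os_, oe = _tlv(der, s)
        if oid_tag != 0x06 or der[os_:oe] != OID_DSA:
            raise ValueError("not a DSA key")
        tag, s, _ = _tlv(der, oe)                  # Dss-Parms SEQUENCE { p, q, g }
        if tag != 0x30:
            raise ValueError("DSA parameters missing")
        tag, s, e = _tlv(der, s)                   # p INTEGER
    if tag != 0x02:
        raise ValueError("expected INTEGER p")
    p = der[s:e].lstrip(b"\x00")                   # strip DER sign-padding zeros
    return (len(p) - 1) * 8 + p[0].bit_length() if p else 0

def dsa_size_ok(der, max_bits=DSA_MAX_MODULUS_BITS):
    """Gate: True only if p is small enough to hand to the OpenSSL check routines."""
    return dsa_modulus_bits(der) <= max_bits

# --- constructed test data (not real keys): DER with a p of a chosen bit length ---
def _der(tag, body):
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def make_dss_parms(p_bits):
    p = bytes([1 << ((p_bits - 1) % 8)]) + b"\x00" * ((p_bits + 7) // 8 - 1)
    if p[0] & 0x80:                                # keep the INTEGER positive
        p = b"\x00" + p
    return _der(0x30, _der(0x02, p) + _der(0x02, b"\x01") + _der(0x02, b"\x01"))

def make_dsa_spki(p_bits):
    alg = _der(0x30, _der(0x06, OID_DSA) + make_dss_parms(p_bits))
    return _der(0x30, alg + _der(0x03, b"\x00\x02\x01\x01"))   # BIT STRING { INTEGER y }
```

Only inputs that pass dsa_size_ok() should reach the OpenSSL check functions; the bounded DER walk here costs nothing in big-number arithmetic, so the gate itself cannot be abused to burn CPU.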

Timeline

Published on: 05/16/2024 16:15:10 UTC
Last modified on: 08/13/2024 16:35:05 UTC