mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 09:09:31 +02:00
0xMarcio
1.5 KiB
1.5 KiB
CVE-2022-3996
Description
If an X.509 certificate contains a malformed policy constraint andpolicy processing is enabled, then a write lock will be taken twicerecursively. On some operating systems (most widely: Windows) thisresults in a denial of service when the affected process hangs. Policyprocessing being enabled on a publicly facing server is not consideredto be a common setup.Policy processing is enabled by passing the -policy'argument to the command line utilities or by calling theX509_VERIFY_PARAM_set1_policies()' function.Update (31 March 2023): The description of the policy processing enablementwas corrected based on CVE-2023-0466.
POC
Reference
No PoCs from references.
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CrowdStrike/ivan
- https://github.com/JakubWierzchowski/manier
- https://github.com/agadecki/malware-cryptominer-container
- https://github.com/akaganeite/CVE4PP
- https://github.com/henriquebesing/container-security
- https://github.com/kb5fls/container-security
- https://github.com/ruzickap/malware-cryptominer-container