Bug 2102943 (CVE-2022-2274)

Summary: CVE-2022-2274 openssl: AVX-512-specific heap buffer overflow
Product: [Other] Security Response Reporter: Sandipan Roy <saroy>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: abuckta, adudiak, aprice, arachman, asoldano, bbaranow, bdettelb, berrange, bmaxwell, bootloader-eng-team, brian.stansberry, caswilli, cdewolf, cfergeau, chazlett, cllang, crizzo, crobinso, crypto-team, csutherl, darran.lofthouse, dbelyavs, ddepaula, dffrench, dfreiber, dhalasz, dkreling, dkuc, dnakabaa, doconnor, dosoudil, drow, dsoumis, dueno, elima, epel-packagers-sig, erik-fedora, fjansen, fjuma, fmartine, gzaronik, hkataria, ikanias, istudens, ivassile, iweiss, jary, jburrell, jclere, jferlan, jkoehler, jmitchel, jochrist, joehler, jsamir, jvasik, jwong, jwon, kaycoth, krathod, kraxel, kshier, ktietz, lcouzens, lgao, lphiri, lveyde, marcandre.lureau, mcascell, michal.skrivanek, michel, micjohns, mjg59, mmadzin, mosmerov, mperina, mskarbek, msochure, mspacek, msvehla, mturk, ngough, nwallace, oezr, orabin, pbonzini, peholase, pesilva, philmd, pjindal, pjones, plodge, pmackay, rblanco, redhat-bugzilla, rgodfrey, rharwood, rh-spice-bugs, rjones, rmaucher, rogbas, rravi, rstancel, rsvoboda, sahana, sbonazzo, security-response-team, smaestri, stcannon, sthirugn, szappis, teagle, tfister, tm, tohughes, tom.jenkinson, vchlup, virt-maint, virt-maint, vkrizan, vkumar, vmugicag, yguenane, yozone
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: openssl 3.0.5 Doc Type: If docs needed, set a value
Doc Text:
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-07-02 02:41:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2102941    

Description Sandipan Roy 2022-07-01 04:39:46 UTC 
AVX512-specific heap buffer overflow.

https://github.com/openssl/openssl/issues/18625
https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/
Comment 2 Mauro Matteo Cascella 2022-07-01 08:54:13 UTC 
Upstream fix PR:
https://github.com/openssl/openssl/pull/18626

Upstream fix commit:
https://github.com/openssl/openssl/commit/4d8a88c134df634ba610ff8db1eb8478ac5fd345
Comment 3 Product Security DevOps Team 2022-07-02 02:41:48 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-2274
Comment 4 Sandipan Roy 2022-07-06 15:50:07 UTC 
https://www.openssl.org/news/secadv/20220705.txt