2307826 – (CVE-2024-41996) CVE-2024-41996 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

Bug 2307826 (CVE-2024-41996) - CVE-2024-41996 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

Summary: CVE-2024-41996 openssl: remote attackers (from the client side) to trigger un...

Keywords:
Status:	NEW
Alias:	CVE-2024-41996
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2024-08-26 06:20 UTC by OSIDB Bzimport
Modified:	2025-03-17 23:45 UTC (History)
CC List:	38 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2024-08-26 06:20:30 UTC

Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.

Note You need to log in before you can comment on or make changes to this bug.

adudiak
akostadi
amasferr
bdettelb
cbartlet
chazlett
csutherl
dbosanac
dfreiber
dmayorov
doconnor
drow
jburrell
jcantril
jclere
jlledo
jmitchel
jreimann
jtanner
kaycoth
kshier
mdessi
mjaros
mkudlej
mmakovy
mrizzi
mturk
omaciel
pcattana
pjindal
plodge
stcannon
szappis
teagle
tjochec
vkumar
vmugicag
yguenane