Update to OpenSSL 3.0.13 - tracking some minor OpenSSL 3.0.8 vulnerabilities

[fyodor]

Update (March 11, 2024): Actually it look like we'll be able to get OpenSSL 3.0.13 into the Nmap release which is coming very soon.

UPDATE (Jan 25, 2024): Updated title to OpenSSL 3.0.12 since we're planning to upgrade to that version before the upcoming Nmap 7.95 release.

UPDATE (July 17, 2023): Nmap Version 7.94 was released on May 19, 2023 with the then-latest OpenSSL Version 3.08.
OpenSSL 3.0.9 was released on May 30, 2023 and will be included with the next Nmap release.

We're planning to include the newest OpenSSL version (3.0.8) in the upcoming Nmap release Windows and Mac builds unless an even newer version of OpenSSL is released by then. OpenSSL already has 4 CVE's issued against Version 3.0.8, but the OpenSSL team considers their severity to be so low that they aren't creating a special fixed release. Also Nmap itself isn't vulnerable to any of them. Our Ncat program could be affected if you use it with the non-default --ssl-verify option. We are tracking the issues here, and further information is available from the OpenSSL Security Vulnerabilities Page. Once OpenSSL puts out a a fixed 3.0.9 release, we plan to update our Nmap Windows and Mac builds and then include those with our next release. Then we'll close this issue.

• CVE-2023-0464 - Excessive Resource Usage Verifying X.509 Policy Constraints

  • OpenSSL team reports that "A security vulnerability has been identified in all supported versions of OpenSSL related to the verification of X.509 certificate chains that include policy constraints. Attackers may be able to exploit this
    vulnerability by creating a malicious certificate chain that triggers exponential use of computational resources, leading to a denial-of-service (DoS) attack on affected systems." and "Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available."
  • Nmap is not affected because it doesn't do certificate validation. Ncat could possibly be affected if you use the --ssl-verify option.

• CVE-2023-0465 - Invalid certificate policies in leaf certificates are silently ignored

  • OpenSSL team reports that "Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks." and "Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available."
  • Nmap is not affected because it doesn't do certificate validation. Ncat could possibly be affected if you use the --ssl-verify option.

• CVE-2023-0466 - Certificate policy check not enabled

  • OpenSSL team reports that "The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification." and "Due to the low severity of this issue we are not creating a new release at this time."
  • Nmap is not affected because it doesn't do certificate validation. Ncat could possibly be affected if you use the --ssl-verify option.

• CVE-2023-1255 - "input buffer over-read in AES-XTS implementation on 64 bit ARM

  • OpenSSL team reports: "The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash." and "Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available."
  • Nmap is not affected because it doesn't use the AES-XTS mode (which isn't used for SSL).

• CVE-2023-2650 - "Possible DoS translating ASN.1 object identifiers"

  • OpenSSL team reports: "Processing some specially crafted ASN.1 object identifiers or
    data containing them may be very slow."
  • Nmap is not affected because we haven't enabled client authentication. Even if Nmap was affected, this would just slow the scan down a bit.

[guyharris]

Was this intended to be an Nmap issue rather than an Npcap issue?

[fyodor]

Thanks @guyharris, you're right. I'll move it. Some days I just have Npcap on the brain :).

[fyodor]

I've updated this issue to note that we included the then-latest OpenSSL 3.0.8 in the May 19 release of Nmap 7.94. Then OpenSSL 3.0.9 was released on May 30. I also just added CVE-2023-2650, which has also been fixed in 3.0.9. While none of these CVE's affect Nmap (generally since it doesn't use the features involved), we understand that users don't like to even have the "vulnerable" DLL's on their system. So we'll make sure to upgrade to 3.0.9 for the next release.

[acasadoual]

Now OpenSSL 3.0.13 CVE-2024-0727, CVE-2023-6237 and CVE-2023-6129

[dmiller-nmap]

Resolved with Nmap 7.95.