Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close


Published: 31 July 2023

Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p. An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check(). Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.


Priority reason:
Upstream rates this as having low severity



Cvss 3 Severity Score


Score breakdown


Package Release Status
Launchpad, Ubuntu, Debian
trusty Needs triage

Released (1.0.2g-1ubuntu4.20+esm10)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
Released (1.1.1-1ubuntu2.1~18.04.23+esm3)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
upstream Needs triage

Released (1.1.1f-1ubuntu2.20)
Released (3.0.2-0ubuntu1.12)
mantic Not vulnerable
Released (3.0.8-1ubuntu1.4)
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Needs triage

focal Does not exist

jammy Does not exist

lunar Does not exist

upstream Needs triage

mantic Does not exist

Launchpad, Ubuntu, Debian
trusty Not vulnerable
(uses system openssl)
xenial Needs triage

bionic Needs triage

focal Not vulnerable
(uses system openssl)
jammy Needed

lunar Not vulnerable
(uses system openssl)
upstream Needs triage

mantic Not vulnerable
(uses system openssl)
Launchpad, Ubuntu, Debian
trusty Ignored
(end of standard support)
xenial Needs triage

bionic Needs triage

focal Needs triage

jammy Needs triage

lunar Needs triage

upstream Needs triage

mantic Needs triage

Severity score breakdown

Parameter Value
Base score 5.3
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact Low
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L