CVE-2022-0778

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-0778.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-0778
Aliases
Downstream
Related
Published
2022-03-15T17:15:08Z
Modified
2025-09-30T07:53:24.647383Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys, as they can contain explicit elliptic curve parameters.

Thus vulnerable situations include:

  • TLS clients consuming server certificates
  • TLS servers consuming client certificates
  • Hosting providers taking certificates or private keys from customers
  • Certificate authorities parsing certification requests from subscribers
  • Anything else which parses ASN.1 elliptic curve parameters

Any other application that uses BN_mod_sqrt() where the attacker can control the parameter values is also vulnerable to this DoS issue.

In OpenSSL 1.0.2 the public key is not parsed during initial parsing of the certificate, which makes it slightly harder to trigger the infinite loop. However, any operation which requires the public key from the certificate will trigger the infinite loop. In particular, the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature.

This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on 15th March 2022.

  • Fixed in OpenSSL 3.0.2 (Affected 3.0.0, 3.0.1).
  • Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m).
  • Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
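The affected and fixed ranges listed above can be turned into an inventory check. This is an added example, not part of the OSV record or of OpenSSL; the function names and the sample inventory are hypothetical, and the only version data used is what the Details text states.

```python
import re

# Fixed letter release per affected 1.x branch, taken from the Details text.
# OpenSSL letter suffixes run a..z and then za, zb, ..., so they order
# correctly when compared by (length, text).
FIXED_LETTER = {
    (1, 0, 2): "zd",  # 1.0.2 - 1.0.2zc affected
    (1, 1, 1): "n",   # 1.1.1 - 1.1.1m affected
}
FIXED_3_0_PATCH = 2   # 3.0.0 and 3.0.1 affected, fixed in 3.0.2

# Optional product name, then major.minor.patch and an optional letter suffix.
_VERSION_RE = re.compile(r"^\s*(?:([A-Za-z]\w*)\s+)?(\d+)\.(\d+)\.(\d+)([a-z]*)")


def _letter_key(letters):
    """Sort key that places '' < 'a' < ... < 'z' < 'za' < 'zb' ..."""
    return (len(letters), letters)


def classify(version_text):
    """Return 'affected', 'fixed', 'not-listed' or 'unparsed'.

    Accepts a bare version ('1.1.1k') or `openssl version` style output
    ('OpenSSL 1.1.1k  25 Mar 2021'). Branches the advisory text does not
    mention, and products other than OpenSSL, are reported as 'not-listed'.
    """
    m = _VERSION_RE.match(version_text)
    if not m:
        return "unparsed"
    product, letters = m.group(1), m.group(5)
    major, minor, patch = (int(m.group(i)) for i in (2, 3, 4))
    if product and product.lower() != "openssl":
        return "not-listed"
    if (major, minor) == (3, 0):
        return "affected" if patch < FIXED_3_0_PATCH else "fixed"
    fixed = FIXED_LETTER.get((major, minor, patch))
    if fixed is None:
        return "not-listed"
    if _letter_key(letters) < _letter_key(fixed):
        return "affected"
    return "fixed"


def affected_hosts(inventory):
    """Return the sorted host names whose reported version is affected."""
    return sorted(h for h, v in inventory.items() if classify(v) == "affected")


# Constructed sample inventory (host names and versions are made up).
SAMPLE_INVENTORY = {
    "web-01": "OpenSSL 1.1.1k  25 Mar 2021",
    "web-02": "OpenSSL 1.1.1n  15 Mar 2022",
    "legacy-01": "OpenSSL 1.0.2zc",
    "legacy-02": "OpenSSL 1.0.2zd",
    "api-01": "OpenSSL 3.0.1 14 Dec 2021",
    "api-02": "OpenSSL 3.0.2 15 Mar 2022",
    "old-01": "OpenSSL 1.1.0l",
}

if __name__ == "__main__":
    for host, version in sorted(SAMPLE_INVENTORY.items()):
        print(f"{host:10} {classify(version):11} {version}")
```

A version string is only a first pass: distributions often backport fixes without changing the upstream version, so confirm against the vendor's package advisory before treating a host as exposed.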

References

Affected packages

Git / github.com/mariadb-corporation/mariadb-connector-nodejs

Affected ranges

Type: GIT
Repo: https://github.com/mariadb-corporation/mariadb-connector-nodejs

Type: GIT
Repo: https://github.com/mariadb/server

Type: GIT
Repo: https://github.com/nodejs/node

Type: GIT
Repo: https://github.com/openssl/openssl

Affected versions

3.*

3.0.0-ga
3.0.1

v12.*

v12.13.0
v12.13.1
v12.14.0
v12.14.1
v12.15.0
v12.16.0
v12.16.1
v12.16.2
v12.16.3
v12.17.0
v12.18.0
v12.18.1
v12.18.2
v12.18.3
v12.18.4
v12.19.0
v12.19.1
v12.20.0
v12.20.1
v12.20.2
v12.21.0
v12.22.0
v12.22.1
v12.22.10
v12.22.2
v12.22.3
v12.22.4
v12.22.5
v12.22.6
v12.22.7
v12.22.8
v12.22.9

Database specific
