{"dataType":"CVE_RECORD","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-2097","assignerOrgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","assignerShortName":"openssl","dateUpdated":"2024-09-17T01:06:49.390Z","dateReserved":"2022-06-16T00:00:00.000Z","datePublished":"2022-07-05T10:30:13.658Z"},"containers":{"cna":{"title":"AES OCB fails to encrypt some bytes","datePublic":"2022-07-05T00:00:00.000Z","providerMetadata":{"orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl","dateUpdated":"2024-06-21T19:07:25.963Z"},"descriptions":[{"lang":"en","value":"AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of \"in place\" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p)."}],"affected":[{"vendor":"OpenSSL","product":"OpenSSL","versions":[{"version":"Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4)","status":"affected"},{"version":"Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p)","status":"affected"}]}],"references":[{"url":"https://www.openssl.org/news/secadv/20220705.txt"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431"},{"name":"FEDORA-2022-3fdc2d3047","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/"},{"name":"FEDORA-2022-89a17be281","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/"},{"url":"https://security.netapp.com/advisory/ntap-20220715-0011/"},{"name":"FEDORA-2022-41890e9e44","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/"},{"name":"GLSA-202210-02","tags":["vendor-advisory"],"url":"https://security.gentoo.org/glsa/202210-02"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"},{"name":"DSA-5343","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2023/dsa-5343"},{"name":"[debian-lts-announce] 20230220 [SECURITY] [DLA 3325-1] openssl security update","tags":["mailing-list"],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html"},{"url":"https://security.netapp.com/advisory/ntap-20230420-0008/"},{"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"}],"credits":[{"lang":"en","value":"Alex Chernyakhovsky"}],"metrics":[{"other":{"type":"unknown","content":{"lang":"eng","url":"https://www.openssl.org/policies/secpolicy.html#moderate","value":"Moderate"}}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Fencepost error"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T00:24:44.189Z"},"title":"CVE Program Container","references":[{"url":"https://www.openssl.org/news/secadv/20220705.txt","tags":["x_transferred"]},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93","tags":["x_transferred"]},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431","tags":["x_transferred"]},{"name":"FEDORA-2022-3fdc2d3047","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/"},{"name":"FEDORA-2022-89a17be281","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/"},{"url":"https://security.netapp.com/advisory/ntap-20220715-0011/","tags":["x_transferred"]},{"name":"FEDORA-2022-41890e9e44","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/"},{"name":"GLSA-202210-02","tags":["vendor-advisory","x_transferred"],"url":"https://security.gentoo.org/glsa/202210-02"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf","tags":["x_transferred"]},{"name":"DSA-5343","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2023/dsa-5343"},{"name":"[debian-lts-announce] 20230220 [SECURITY] [DLA 3325-1] openssl security update","tags":["mailing-list","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html"},{"url":"https://security.netapp.com/advisory/ntap-20230420-0008/","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20240621-0006/","tags":["x_transferred"]}]},{"affected":[{"vendor":"openssl","product":"openssl","cpes":["cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"1.1.1","status":"affected","lessThan":"1.1.1q","versionType":"custom"}]},{"vendor":"openssl","product":"openssl","cpes":["cpe:2.3:a:openssl:openssl:3.0.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"3.0.0","status":"affected","lessThan":"3.0.5","versionType":"custom"}]},{"vendor":"netapp","product":"ontap_antivirus_connector","cpes":["cpe:2.3:a:netapp:ontap_antivirus_connector:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected"}]},{"vendor":"netapp","product":"ontap_select_deploy_administration_utility","cpes":["cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected"}]},{"vendor":"fedoraproject","product":"fedora","cpes":["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"35","status":"affected"},{"version":"36","status":"affected"}]},{"vendor":"netapp","product":"active_iq_unified_manager_for_vmware_vsphere","cpes":["cpe:2.3:a:netapp:active_iq_unified_manager_for_vmware_vsphere:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected"}]},{"vendor":"netapp","product":"hci_baseboard_management_controller","cpes":["cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*","cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*","cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*","cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*","cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"h300s","status":"affected"},{"version":"h410c","status":"affected"},{"version":"h410s","status":"affected"},{"version":"h500s","status":"affected"},{"version":"h700s","status":"affected"}]},{"vendor":"netapp","product":"brocade_fabric_operating_system_firmware","cpes":["cpe:2.3:o:netapp:brocade_fabric_operating_system_firmware:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected"}]},{"vendor":"netapp","product":"snapcenter","cpes":["cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected"}]},{"vendor":"netapp","product":"oncommand_insight","cpes":["cpe:2.3:a:netapp:oncommand_insight:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected"}]},{"vendor":"netapp","product":"smi-s_provider","cpes":["cpe:2.3:a:netapp:smi-s_provider:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected"}]},{"vendor":"siemens","product":"sinec_ins","cpes":["cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0","status":"affected","lessThan":"1.0_sp2_update_1","versionType":"custom"}]},{"vendor":"debian","product":"debian_linux","cpes":["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"10.0","status":"affected"},{"version":"11.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-26T19:45:07.166681Z","id":"CVE-2022-2097","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-08T15:19:36.662Z"}}]},"dataVersion":"5.1"}