{ "document": { "aggregate_severity": { "text": "High" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_alt_common/debian11/vex/2023/cve-2023-0401-els_alt_common-debian11.json" } ], "tracking": { "current_release_date": "2026-06-12T16:34:33Z", "generator": { "date": "2026-06-12T16:34:33Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2023-0401-ELS_ALT_COMMON-DEBIAN11", "initial_release_date": "2023-02-08T20:15:00Z", "revision_history": [ { "date": "2023-02-08T20:15:00Z", "number": "1", "summary": "Initial version" }, { "date": "2026-06-12T16:34:33Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "Security update on CVE-2023-0401" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian 11", "product": { "name": "Debian 11", "product_id": "Debian-11", "product_identification_helper": { "cpe": "cpe:2.3:o:debian:debian_linux:11:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Debian" } ], "category": "vendor", "name": "Software in the Public Interest, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "product": { "name": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "product_id": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-dev@1.1.1w-3.2?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "product": { "name": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "product_id": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-dev@1.1.1w-3.4?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "product": { "name": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "product_id": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-dev@1.1.1w-3.1?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "product": { "name": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "product_id": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-libs@1.1.1w-3.2?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "product": { "name": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "product_id": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-libs@1.1.1w-3.4?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "product": { "name": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "product_id": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-libs@1.1.1w-3.1?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-0:1.1.1w-3.2.amd64", "product": { "name": "alt-openssl-0:1.1.1w-3.2.amd64", "product_id": "alt-openssl-0:1.1.1w-3.2.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl@1.1.1w-3.2?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-0:1.1.1w-3.1.amd64", "product": { "name": "alt-openssl-0:1.1.1w-3.1.amd64", "product_id": "alt-openssl-0:1.1.1w-3.1.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl@1.1.1w-3.1?arch=amd64&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-0:1.1.1w-3.4.amd64", "product": { "name": "alt-openssl-0:1.1.1w-3.4.amd64", "product_id": "alt-openssl-0:1.1.1w-3.4.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl@1.1.1w-3.4?arch=amd64&os_name=debian&os_version=11" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "alt-openssl-doc-0:1.1.1w-3.4.all", "product": { "name": "alt-openssl-doc-0:1.1.1w-3.4.all", "product_id": "alt-openssl-doc-0:1.1.1w-3.4.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-doc@1.1.1w-3.4?arch=all&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-doc-0:1.1.1w-3.1.all", "product": { "name": "alt-openssl-doc-0:1.1.1w-3.1.all", "product_id": "alt-openssl-doc-0:1.1.1w-3.1.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-doc@1.1.1w-3.1?arch=all&os_name=debian&os_version=11" } } }, { "category": "product_version", "name": "alt-openssl-doc-0:1.1.1w-3.2.all", "product": { "name": "alt-openssl-doc-0:1.1.1w-3.2.all", "product_id": "alt-openssl-doc-0:1.1.1w-3.2.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/alt-openssl-doc@1.1.1w-3.2?arch=all&os_name=debian&os_version=11" } } } ], "category": "architecture", "name": "all" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-dev-0:1.1.1w-3.2.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64" }, "product_reference": "alt-openssl-dev-0:1.1.1w-3.2.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-dev-0:1.1.1w-3.4.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64" }, "product_reference": "alt-openssl-dev-0:1.1.1w-3.4.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-dev-0:1.1.1w-3.1.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64" }, "product_reference": "alt-openssl-dev-0:1.1.1w-3.1.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-doc-0:1.1.1w-3.4.all as a component of Debian 11", "product_id": "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all" }, "product_reference": "alt-openssl-doc-0:1.1.1w-3.4.all", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-doc-0:1.1.1w-3.1.all as a component of Debian 11", "product_id": "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all" }, "product_reference": "alt-openssl-doc-0:1.1.1w-3.1.all", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-doc-0:1.1.1w-3.2.all as a component of Debian 11", "product_id": "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all" }, "product_reference": "alt-openssl-doc-0:1.1.1w-3.2.all", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-libs-0:1.1.1w-3.2.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64" }, "product_reference": "alt-openssl-libs-0:1.1.1w-3.2.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-libs-0:1.1.1w-3.4.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" }, "product_reference": "alt-openssl-libs-0:1.1.1w-3.4.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-libs-0:1.1.1w-3.1.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64" }, "product_reference": "alt-openssl-libs-0:1.1.1w-3.1.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-0:1.1.1w-3.2.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64" }, "product_reference": "alt-openssl-0:1.1.1w-3.2.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-0:1.1.1w-3.1.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64" }, "product_reference": "alt-openssl-0:1.1.1w-3.1.amd64", "relates_to_product_reference": "Debian-11" }, { "category": "default_component_of", "full_product_name": { "name": "alt-openssl-0:1.1.1w-3.4.amd64 as a component of Debian 11", "product_id": "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64" }, "product_reference": "alt-openssl-0:1.1.1w-3.4.amd64", "relates_to_product_reference": "Debian-11" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-0401", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "A NULL pointer can be dereferenced when signatures are being\nverified on PKCS7 signed or signedAndEnveloped data. In case the hash\nalgorithm used for the signature is known to the OpenSSL library but\nthe implementation of the hash algorithm is not available the digest\ninitialization will fail. There is a missing check for the return\nvalue from the initialization function which later leads to invalid\nusage of the digest API most likely leading to a crash.\n\nThe unavailability of an algorithm can be caused by using FIPS\nenabled configuration of providers or more commonly by not loading\nthe legacy provider.\n\nPKCS7 data is processed by the SMIME library calls and also by the\ntime stamp (TS) library calls. The TLS implementation in OpenSSL does\nnot call these functions however third party applications would be\naffected if they call these functions to verify signatures on untrusted\ndata.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "other", "text": "TuxCare has assessed that this vulnerability does not impact any currently supported TuxCare products. This evaluation may change as new information becomes available. For additional details regarding this vulnerability and affected products, refer to the provided references.", "title": "Statement" } ], "product_status": { "known_not_affected": [ "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all", "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els-lang/cve/CVE-2023-0401" }, { "category": "external", "summary": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d3b6dfd70db844c4499bec6ad6601623a565e674" }, { "category": "external", "summary": "https://security.gentoo.org/glsa/202402-08", "url": "https://security.gentoo.org/glsa/202402-08" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20230207.txt", "url": "https://www.openssl.org/news/secadv/20230207.txt" }, { "category": "external", "summary": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0003" } ], "release_date": "2023-02-08T20:15:00Z", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all", "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" }, { "category": "impact", "date": "2026-06-12T13:13:15.684340Z", "details": "important", "product_ids": [ "Debian-11:alt-openssl-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-dev-0:1.1.1w-3.4.amd64", "Debian-11:alt-openssl-doc-0:1.1.1w-3.1.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.2.all", "Debian-11:alt-openssl-doc-0:1.1.1w-3.4.all", "Debian-11:alt-openssl-libs-0:1.1.1w-3.1.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.2.amd64", "Debian-11:alt-openssl-libs-0:1.1.1w-3.4.amd64" ] } ] } ] }