{"id":"CVE-2023-6237","details":"Issue summary: Checking excessively long invalid RSA public keys may take\na long time.\n\nImpact summary: Applications that use the function EVP_PKEY_public_check()\nto check RSA public keys may experience long delays. Where the key that\nis being checked has been obtained from an untrusted source, this may lead\nto a Denial of Service.\n\nWhen the function EVP_PKEY_public_check() is called on RSA public keys,\na computation is done to confirm that the RSA modulus, n, is composite.\nFor valid RSA keys, n is a product of two or more large primes and this\ncomputation completes quickly. However, if n is an overly large prime,\nthen this computation would take a long time.\n\nAn application that calls EVP_PKEY_public_check() and supplies an RSA key\nobtained from an untrusted source could be vulnerable to a Denial of Service\nattack.\n\nThe function EVP_PKEY_public_check() is not called from other OpenSSL\nfunctions; however, it is called from the OpenSSL pkey command line\napplication. 
For that reason that application is also vulnerable if used\nwith the '-pubin' and '-check' options on untrusted data.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.","modified":"2026-04-16T04:34:09.429444705Z","published":"2024-04-25T07:15:45.270Z","related":["ALSA-2024:2447","ALSA-2024:9088","CGA-62vj-r9x6-x394","SUSE-SU-2024:0172-1","SUSE-SU-2024:0518-1","openSUSE-SU-2024:13633-1"],"references":[{"type":"WEB","url":"https://www.openssl.org/news/secadv/20240115.txt"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/03/11/1"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240531-0007/"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"0b0f7abfb37350794a4b8960fafc292cd5d1b84d"}]},{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"18c02492138d1eb8b6548cb26e7b625fb2414a2a"}]},{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"a830f551557d3d66a84bbb18a5b889c640c36294"}]},{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"0b0f7abfb37350794a4b8960fafc292cd5d1b84d"}]},{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"18c02492138d1eb8b6548cb26e7b625fb2414a2a"}]},{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"a830f551557d3d66a84bbb18a5b889c640c36294"}]}],"versions":["BEFORE_engine","OpenSSL_0_9_1c","OpenSSL_0_9_2b","OpenSSL_0_9_
3","OpenSSL_0_9_3a","OpenSSL_0_9_3beta2","OpenSSL_0_9_4","OpenSSL_0_9_5a","OpenSSL_0_9_5a-beta1","OpenSSL_0_9_5a-beta2","OpenSSL_0_9_5beta1","OpenSSL_0_9_5beta2","OpenSSL_0_9_6-beta3","OpenSSL_1_1_0-pre1","OpenSSL_1_1_0-pre2","OpenSSL_1_1_0-pre3","OpenSSL_1_1_0-pre4","OpenSSL_1_1_0-pre5","OpenSSL_1_1_0-pre6","OpenSSL_1_1_1","OpenSSL_1_1_1-pre1","OpenSSL_1_1_1-pre2","OpenSSL_1_1_1-pre3","OpenSSL_1_1_1-pre4","OpenSSL_1_1_1-pre5","OpenSSL_1_1_1-pre6","OpenSSL_1_1_1-pre7","OpenSSL_1_1_1-pre8","OpenSSL_1_1_1-pre9","master-post-auto-reformat","master-post-reformat","master-pre-auto-reformat","master-pre-reformat","openssl-3.0.0","openssl-3.0.0-alpha1","openssl-3.0.0-alpha10","openssl-3.0.0-alpha11","openssl-3.0.0-alpha12","openssl-3.0.0-alpha13","openssl-3.0.0-alpha14","openssl-3.0.0-alpha15","openssl-3.0.0-alpha16","openssl-3.0.0-alpha17","openssl-3.0.0-alpha2","openssl-3.0.0-alpha3","openssl-3.0.0-alpha4","openssl-3.0.0-alpha5","openssl-3.0.0-alpha6","openssl-3.0.0-alpha7","openssl-3.0.0-alpha8","openssl-3.0.0-alpha9","openssl-3.0.0-beta1","openssl-3.0.0-beta2","openssl-3.0.1","openssl-3.0.10","openssl-3.0.11","openssl-3.0.12","openssl-3.0.2","openssl-3.0.3","openssl-3.0.4","openssl-3.0.5","openssl-3.0.6","openssl-3.0.7","openssl-3.0.8","openssl-3.0.9","openssl-3.1.0","openssl-3.1.0-alpha1","openssl-3.1.0-beta1","openssl-3.1.1","openssl-3.1.2","openssl-3.1.3","openssl-3.1.4","openssl-3.2.0","openssl-3.2.0-alpha1","openssl-3.2.0-alpha2","openssl-3.2.0-beta1"],"database_specific":{"vanir_signatures":[{"target":{"function":"ossl_rsa_sp800_56b_check_public","file":"crypto/rsa/rsa_sp800_56b_check.c"},"signature_version":"v1","deprecated":false,"source":"https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d","digest":{"length":1258,"function_hash":"36262343259786368621085857695218833956"},"signature_type":"Function","id":"CVE-2023-6237-07b4356d"},{"deprecated":false,"signature_version":"v1","target":{"file":"crypto/rsa/rsa_sp800_56b_check.c"},"id"
:"CVE-2023-6237-3d282511","digest":{"threshold":0.9,"line_hashes":["5799985256469090440161975918621279176","231956326038171660204156138522531293340","72751756268789884712810101003534450503","314070120765545521861021195160721661288","163275361520424784336712083888861921840","80433659035868977858238900915029720241","55330043341397734539339972248704545042","79386981174192347288537193082013598235"]},"signature_type":"Line","source":"https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a"},{"target":{"file":"crypto/rsa/rsa_sp800_56b_check.c"},"signature_version":"v1","deprecated":false,"source":"https://github.com/openssl/openssl/commit/0b0f7abfb37350794a4b8960fafc292cd5d1b84d","digest":{"threshold":0.9,"line_hashes":["5799985256469090440161975918621279176","231956326038171660204156138522531293340","72751756268789884712810101003534450503","314070120765545521861021195160721661288","163275361520424784336712083888861921840","80433659035868977858238900915029720241","55330043341397734539339972248704545042","79386981174192347288537193082013598235"]},"signature_type":"Line","id":"CVE-2023-6237-7dd742ac"},{"deprecated":false,"signature_version":"v1","target":{"function":"ossl_rsa_sp800_56b_check_public","file":"crypto/rsa/rsa_sp800_56b_check.c"},"source":"https://github.com/openssl/openssl/commit/18c02492138d1eb8b6548cb26e7b625fb2414a2a","digest":{"length":1258,"function_hash":"36262343259786368621085857695218833956"},"signature_type":"Function","id":"CVE-2023-6237-8aca94dc"},{"deprecated":false,"signature_version":"v1","target":{"file":"crypto/rsa/rsa_sp800_56b_check.c"},"source":"https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294","digest":{"threshold":0.9,"line_hashes":["5799985256469090440161975918621279176","231956326038171660204156138522531293340","72751756268789884712810101003534450503","314070120765545521861021195160721661288","163275361520424784336712083888861921840","80433659035868977858238900915029720241","55
330043341397734539339972248704545042","79386981174192347288537193082013598235"]},"signature_type":"Line","id":"CVE-2023-6237-98851d99"},{"target":{"function":"ossl_rsa_sp800_56b_check_public","file":"crypto/rsa/rsa_sp800_56b_check.c"},"signature_version":"v1","deprecated":false,"source":"https://github.com/openssl/openssl/commit/a830f551557d3d66a84bbb18a5b889c640c36294","digest":{"length":1258,"function_hash":"36262343259786368621085857695218833956"},"signature_type":"Function","id":"CVE-2023-6237-e95520da"}],"vanir_signatures_modified":"2026-04-12T09:09:26Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-6237.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}