{"id":"CVE-2024-12797","details":"Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a\nserver may fail to notice that the server was not authenticated, because\nhandshakes don't abort as expected when the SSL_VERIFY_PEER verification mode\nis set.\n\nImpact summary: TLS and DTLS connections using raw public keys may be\nvulnerable to man-in-the-middle attacks when server authentication failure is not\ndetected by clients.\n\nRPKs are disabled by default in both TLS clients and TLS servers.  The issue\nonly arises when TLS clients explicitly enable RPK use by the server, and the\nserver, likewise, enables sending of an RPK instead of an X.509 certificate\nchain.  The affected clients are those that then rely on the handshake to\nfail when the server's RPK fails to match one of the expected public keys,\nby setting the verification mode to SSL_VERIFY_PEER.\n\nClients that enable server-side raw public keys can still find out that raw\npublic key verification failed by calling SSL_get_verify_result(), and those\nthat do, and take appropriate action, are not affected.  This issue was\nintroduced in the initial implementation of RPK support in OpenSSL 3.2.\n\nThe FIPS modules in 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.","aliases":["GHSA-79v4-65xg-pq4g"],"modified":"2026-04-12T08:35:11.848849Z","published":"2025-02-11T16:15:38.827Z","related":["ALSA-2025:1330","CGA-grh5-h34q-5f38","SUSE-SU-2025:02042-1","USN-7264-1","openSUSE-SU-2025:14802-1"],"references":[{"type":"WEB","url":"https://openssl-library.org/news/secadv/20250211.txt"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2025/02/11/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2025/02/11/4"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20250214-0001/"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7"},{"type":"FIX","url":"https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"738d4f9fdeaad57660dcba50a619fafced3fd5e9"}]},{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"798779d43494549b611233f92652f0da5328fbe7"}]},{"type":"GIT","repo":"https://github.com/openssl/openssl","events":[{"introduced":"0"},{"fixed":"87ebd203feffcf92ad5889df92f90bb0ee10a699"}]}],"versions":["BEFORE_engine","OpenSSL_0_9_1c","OpenSSL_0_9_2b","OpenSSL_0_9_3","OpenSSL_0_9_3a","OpenSSL_0_9_3beta2","OpenSSL_0_9_4","OpenSSL_0_9_5a","OpenSSL_0_9_5a-beta1","OpenSSL_0_9_5a-beta2","OpenSSL_0_9_5beta1","OpenSSL_0_9_5beta2","OpenSSL_0_9_6-beta3","OpenSSL_1_1_0-pre1","OpenSSL_1_1_0-pre2","OpenSSL_1_1_0-pre3","OpenSSL_1_1_0-pre4","OpenSSL_1_1_0-pre5","OpenSSL_1_1_0-pre6","OpenSSL_1_1_1","OpenSSL_1_1_1-pre1","OpenSSL_1_1_1-pre2","OpenSSL_1_1_1-pre3","OpenSSL_1_1_1-pre4","OpenSSL_1_1_1-pre5","OpenSSL_1_1_1-pre6","OpenSSL_1_1_1-pre7","OpenSSL_1_1_1-pre8","OpenSSL_1_1_1-pre9","master-post-auto-reformat","master-post-reformat","master-pre-auto-reformat","master-pre-reformat","openssl-3.0.0-alpha1","openssl-3.0.0-alpha10","openssl-3.0.0-alpha11","openssl-3.0.0-alpha12","openssl-3.0.0-alpha13","openssl-3.0.0-alpha14","openssl-3.0.0-alpha15","openssl-3.0.0-alpha16","openssl-3.0.0-alpha17","openssl-3.0.0-alpha2","openssl-3.0.0-alpha3","openssl-3.0.0-alpha4","openssl-3.0.0-alpha5","openssl-3.0.0-alpha6","openssl-3.0.0-alpha7","openssl-3.0.0-alpha8","openssl-3.0.0-alpha9","openssl-3.0.0-beta1","openssl-3.0.0-beta2","openssl-3.2.0","openssl-3.2.0-alpha1","openssl-3.2.0-alpha2","openssl-3.2.0-beta1","openssl-3.2.1","openssl-3.2.2","openssl-3.2.3","openssl-3.3.0","openssl-3.3.0-alpha1","openssl-3.3.0-beta1","openssl-3.3.1","openssl-3.3.2","openssl-3.4.0","openssl-3.4.0-alpha1","openssl-3.4.0-beta1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-12797.json","vanir_signatures_modified":"2026-04-12T08:35:11Z","vanir_signatures":[{"digest":{"function_hash":"1956042097252918535424513507721537074","length":1282},"signature_version":"v1","deprecated":false,"id":"CVE-2024-12797-075983d2","target":{"file":"ssl/statem/statem_clnt.c","function":"tls_post_process_server_rpk"},"source":"https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9","signature_type":"Function"},{"digest":{"function_hash":"1956042097252918535424513507721537074","length":1282},"signature_version":"v1","deprecated":false,"id":"CVE-2024-12797-21b472ef","target":{"file":"ssl/statem/statem_clnt.c","function":"tls_post_process_server_rpk"},"source":"https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699","signature_type":"Function"},{"digest":{"function_hash":"99201829665977675752850617662169141139","length":12532},"signature_version":"v1","deprecated":false,"id":"CVE-2024-12797-2d1e0f85","target":{"file":"test/rpktest.c","function":"test_rpk"},"source":"https://github.com/openssl/openssl/commit/87ebd203feffcf92ad5889df92f90bb0ee10a699","signature_type":"Function"},{"digest":{"function_hash":"99201829665977675752850617662169141139","length":12532},"signature_version":"v1","deprecated":false,"id":"CVE-2024-12797-3c50970c","target":{"file":"test/rpktest.c","function":"test_rpk"},"source":"https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7","signature_type":"Function"},{"digest":{"function_hash":"1956042097252918535424513507721537074","length":1282},"signature_version":"v1","deprecated":false,"id":"CVE-2024-12797-3d63629a","target":{"file":"ssl/statem/statem_clnt.c","function":"tls_post_process_server_rpk"},"source":"https://github.com/openssl/openssl/commit/798779d43494549b611233f92652f0da5328fbe7","signature_type":"Function"},{"digest":{"function_hash":"99201829665977675752850617662169141139","length":12532},"signature_version":"v1","deprecated":false,"id":"CVE-2024-12797-9d736dcd","target":{"file":"test/rpktest.c","function":"test_rpk"},"source":"https://github.com/openssl/openssl/commit/738d4f9fdeaad57660dcba50a619fafced3fd5e9","signature_type":"Function"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}]}