CVE & CISA-KEV Catalog

CVE-2023-1255

MEDIUM
5.9
CVSS v3
NVD

Description

Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm is usually used for disk encryption. The AES-XTS cipher decryption implementation for 64 bit ARM platform will read past the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16 byte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext buffer is unmapped, this will trigger a crash which results in a denial of service. If an attacker can control the size and location of the ciphertext buffer being decrypted by an application using AES-XTS on 64 bit ARM, the application is affected. This is fairly unlikely making this issue a Low severity one.

How to fix

Remediation Available
opensslDebian
Fixed in:3.0.9-1CVE-2023-1255
Fixed in:3.0.9-1CVE-2023-1255
Fixed in:3.0.9-1CVE-2023-1255
opensslRocky
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
opensslRed Hat / RHEL
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-debuginfoRed Hat / RHEL
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-debuginfoRocky
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-debugsourceRed Hat / RHEL
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-debugsourceRocky
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-develRed Hat / RHEL
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-develRocky
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-libsRocky
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-libsRed Hat / RHEL
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-libs-debuginfoRed Hat / RHEL
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-libs-debuginfoRocky
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-perlRed Hat / RHEL
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
openssl-perlRocky
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
Fixed in:1:3.0.7-16.el9_2RHSA-2023:3722
libssl1.0.0Ubuntu
Fixed in:1.0.2n-1ubuntu5.13USN-6119-1
libssl1.1Ubuntu
Fixed in:1.1.1-1ubuntu2.1~18.04.23USN-6119-1
Fixed in:1.1.1f-1ubuntu2.19USN-6119-1
libssl3Ubuntu
Fixed in:3.0.2-0ubuntu1.10USN-6119-1
Fixed in:3.0.5-2ubuntu2.3USN-6119-1
Fixed in:3.0.8-1ubuntu1.2USN-6119-1
opensslUbuntu
Fixed in:1.1.1-1ubuntu2.1~18.04.23USN-6119-1
Fixed in:1.1.1f-1ubuntu2.19USN-6119-1
Fixed in:3.0.2-0ubuntu1.10USN-6119-1
Fixed in:3.0.5-2ubuntu2.3USN-6119-1
Fixed in:3.0.8-1ubuntu1.2USN-6119-1
openssl1.0Ubuntu
Fixed in:1.0.2n-1ubuntu5.13USN-6119-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.95%probability of exploitation in 30 days
57thpercentile

Moderate risk: more likely to be exploited than 57% of all known CVEs.

References

Related Vulnerabilities

Other CWE-125 (Out-of-bounds Read) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2014-0160High7.5100%KEVFix
CVE-2025-5777High7.5100%KEV + RansomFix
CVE-2021-4034High7.895%KEVFix
CVE-2023-21769High7.592%-Fix
CVE-2023-49285High8.689%-Fix
CVE-2020-8794Critical9.889%-Fix
Embed a live status badge for CVE-2023-1255
CVE-2023-1255 severity badge

Markdown

[![CVE-2023-1255](https://tridentstack.com/cve/badge/CVE-2023-1255.svg)](https://tridentstack.com/cve/CVE-2023-1255)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-1255"><img src="https://tridentstack.com/cve/badge/CVE-2023-1255.svg" alt="CVE-2023-1255"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-02-04.