
CVE-2023-2975

Severity: MEDIUM (CVSS v3 base score 5.3, source: NVD)

Description

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries, which are therefore left unauthenticated.

Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries as associated data can be misled by removing, adding or reordering such empty entries, as these are ignored by the OpenSSL implementation. We are currently unaware of any such applications.

The AES-SIV algorithm allows for authentication of multiple associated data entries along with the encryption. To authenticate empty data the application has to call EVP_EncryptUpdate() (or EVP_CipherUpdate()) with a NULL pointer as the output buffer and 0 as the input buffer length. The AES-SIV implementation in OpenSSL just returns success for such a call instead of performing the associated data authentication operation. The empty data thus will not be authenticated.

As this issue does not affect non-empty associated data authentication and we expect it to be rare for an application to use empty associated data entries, this is qualified as a Low severity issue.

How to fix

Remediation available

Debian (advisory: CVE-2023-2975)
  openssl: 3.0.10-1~deb12u1, 3.0.10-1

Red Hat / RHEL and Rocky (advisory: RHSA-2024:2447)
  openssl, openssl-debuginfo, openssl-debugsource, openssl-devel, openssl-libs, openssl-libs-debuginfo, openssl-perl: 1:3.0.7-27.el9
  openssl-fips-provider, openssl-fips-provider-debuginfo, openssl-fips-provider-debugsource: 0:3.0.7-2.el9

Ubuntu (advisory: USN-6450-1)
  libssl3, openssl: 3.0.2-0ubuntu1.12, 3.0.8-1ubuntu1.4, 3.0.10-1ubuntu2.1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability
  Attack Vector: Network
  Attack Complexity: Low
  Privileges Required: None
  User Interaction: None
  Scope: Unchanged

Impact
  Confidentiality: None
  Integrity: Low
  Availability: None

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploit Intelligence

EPSS: 0.53% probability of exploitation in 30 days (41st percentile).

Moderate risk: more likely to be exploited than 41% of all known CVEs.


This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-04-23.