CVE-2022-4304: 
Rust vulnerability analysis and mitigation

A timing-based side channel vulnerability (CVE-2022-4304) was discovered in the OpenSSL RSA Decryption implementation. The vulnerability was reported on July 15, 2022, by Hubert Kario from Red Hat and affects OpenSSL versions 3.0, 1.1.1, and 1.0.2 (OpenSSL Advisory).

The vulnerability exists in the RSA Decryption implementation and affects all RSA padding modes including PKCS#1 v1.5, RSA-OEAP, and RSASVE. The timing-based side channel could potentially allow an attacker to recover plaintext across a network through a Bleichenbacher style attack. The vulnerability has been assigned a CVSS v3.1 base score of 5.9 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) (CISA Advisory).

In a TLS connection scenario, where RSA is commonly used by a client to send an encrypted pre-master secret to the server, an attacker who has observed a genuine connection could send trial messages to the server and record processing times. After collecting sufficient timing data, the attacker could potentially recover the pre-master secret from the original connection and decrypt the application data (OpenSSL Advisory).

Users of affected versions should upgrade to OpenSSL 3.0.8 (for OpenSSL 3.0), OpenSSL 1.1.1t (for OpenSSL 1.1.1), or OpenSSL 1.0.2zg (for premium support customers only). For systems that cannot be immediately updated, it is recommended to use within a LAN and block access from untrusted networks and hosts through firewalls (CISA Advisory).