OpenSSL Infinite loop when parsing certificates CVE-2022-0778
A vulnerability CVE-2022-0778 was found in OpenSSL that allows to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate leads to a DoS (Denial of service) attack.
SonicWall is investigating its product line to determine which products and cloud services may be affected by this vulnerability.
@micah - SonicWall's Self-Service Sr. Manager