CVE-2021-3449 – openssl-src

Package

Manager: cargo
Name: openssl-src
Vulnerable Version: >=0 <111.15.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.10687 pctl0.93038

Details

openssl-src NULL pointer Dereference in signature_algorithms processing An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

Metadata

Created: 2021-08-25T20:54:02Z
Modified: 2023-09-05T14:49:32Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-83mx-573x-5rw9/GHSA-83mx-573x-5rw9.json
CWE IDs: ["CWE-476"]
Alternative ID: GHSA-83mx-573x-5rw9
Finding: F002
Auto approve: 1