CVE-2021-3711

EPSS 2.75%
Published 24.08.2021 15:15:09
Last modified 21.11.2024 06:22:12
Source openssl-security@openssl.org
Teams watchlist Login
Open Login

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).

Affected products Warnungen 0 Metrics 3 CWE 1 References 20

Data is provided by the National Vulnerability Database (NVD)

OpenSSL ≫ OpenSSL Version >= 1.1.1 < 1.1.1l

Debian ≫ Debian Linux Version10.0

Debian ≫ Debian Linux Version11.0

Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere

Netapp ≫ Active Iq Unified Manager Version- SwPlatformwindows

Netapp ≫ Clustered Data Ontap Version-

Netapp ≫ Clustered Data Ontap Antivirus Connector Version-

Netapp ≫ E-series Santricity Os Controller Version >= 11.0 <= 11.50.2

Netapp ≫ Hci Management Node Version-

Netapp ≫ Manageability Software Development Kit Version-

Netapp ≫ Oncommand Insight Version-

Netapp ≫ Oncommand Workflow Automation Version-

Netapp ≫ Santricity Smi-s Provider Version-

Netapp ≫ Snapcenter Version-

Netapp ≫ Solidfire Version-

Netapp ≫ Storage Encryption Version-

Oracle ≫ Communications Cloud Native Core Security Edge Protection Proxy Version1.7.0

Oracle ≫ Communications Cloud Native Core Unified Data Repository Version1.15.0

Oracle ≫ Communications Session Border Controller Version8.4

Oracle ≫ Communications Session Border Controller Version9.0

Oracle ≫ Communications Unified Session Manager Version8.2.5

Oracle ≫ Communications Unified Session Manager Version8.4.5

Oracle ≫ Enterprise Communications Broker Version3.2.0

Oracle ≫ Enterprise Communications Broker Version3.3.0

Oracle ≫ Enterprise Session Border Controller Version8.4

Oracle ≫ Enterprise Session Border Controller Version9.0

Oracle ≫ Essbase Version < 11.1.2.4.47

Oracle ≫ Essbase Version >= 21.1 < 21.3

Oracle ≫ Health Sciences Inform Publisher Version6.2.1.1

Oracle ≫ Health Sciences Inform Publisher Version6.3.1.1

Oracle ≫ Jd Edwards Enterpriseone Tools Version < 9.2.6.3

Oracle ≫ Jd Edwards World Security Versiona9.4

Oracle ≫ Mysql Connectors Version <= 8.0.27

Oracle ≫ Mysql Enterprise Monitor Version <= 8.0.25

Oracle ≫ Mysql Server Version >= 5.7.0 <= 5.7.35

Oracle ≫ Mysql Server Version >= 8.0.0 <= 8.0.26

Oracle ≫ Peoplesoft Enterprise Peopletools Version8.57

Oracle ≫ Peoplesoft Enterprise Peopletools Version8.58

Oracle ≫ Peoplesoft Enterprise Peopletools Version8.59

Oracle ≫ Zfs Storage Appliance Kit Version8.8

Tenable ≫ Nessus Network Monitor Version <= 5.13.1

Tenable ≫ Tenable.Sc Version >= 5.16.0 <= 5.19.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.75%	0.855

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://www.oracle.com/security-alerts/cpuapr2022.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpujan2022.html

Patch

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Patch

Third Party Advisory

https://security.netapp.com/advisory/ntap-20240621-0006/

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf

Third Party Advisory