Opened 3 months ago

Closed 3 months ago

#4816 closed task (fixed)

openssl-1.1.1j

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: high Milestone: 10.1
Component: Book Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Change History (5)

comment:1 by Douglas R. Reno, 3 months ago

Priority: normalhigh
 Major changes between OpenSSL 1.1.1i and OpenSSL 1.1.1j [16 Feb 2021]

    Fixed a NULL pointer deref in the X509_issuer_and_serial_hash() function (CVE-2021-23841)
    Fixed the RSA_padding_check_SSLv23() function and the RSA_SSLV23_PADDING padding mode to correctly check for rollback attacks
    Fixed an overflow in the EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate functions (CVE-2021-23840)
    Fixed SRP_Calc_client_key so that it runs in constant time

comment:2 by Douglas R. Reno, 3 months ago

OpenSSL Security Advisory [16 February 2021]
============================================

Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
====================================================================

Severity: Moderate

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to
create a unique hash value based on the issuer and serial number data contained
within an X509 certificate. However it fails to correctly handle any errors
that may occur while parsing the issuer field (which might occur if the issuer
field is maliciously constructed). This may subsequently result in a NULL
pointer deref and a crash leading to a potential denial of service attack.

The function X509_issuer_and_serial_hash() is never directly called by OpenSSL
itself so applications are only vulnerable if they use this function directly
and they use it on certificates that may have been obtained from untrusted
sources.

OpenSSL versions 1.1.1i and below are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1j.

OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL
1.0.2 is out of support and no longer receiving public updates. Premium support
customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade
to 1.1.1j.

This issue was reported to OpenSSL on 15th December 2020 by Tavis Ormandy from
Google. The fix was developed by Matt Caswell.

comment:3 by Douglas R. Reno, 3 months ago

Integer overflow in CipherUpdate (CVE-2021-23840)
=================================================

Severity: Low

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow
the output length argument in some cases where the input length is close to the
maximum permissable length for an integer on the platform. In such cases the
return value from the function call will be 1 (indicating success), but the
output length value will be negative. This could cause applications to behave
incorrectly or crash.

OpenSSL versions 1.1.1i and below are affected by this issue. Users of these
versions should upgrade to OpenSSL 1.1.1j.

OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL
1.0.2 is out of support and no longer receiving public updates. Premium support
customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade
to 1.1.1j.

This issue was reported to OpenSSL on 13th December 2020 by Paul Kehrer. The fix
was developed by Matt Caswell.

comment:4 by Douglas R. Reno, 3 months ago

Owner: changed from lfs-book to Douglas R. Reno
Status: newassigned

comment:5 by Bruce Dubbs, 3 months ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 12138.

Note: See TracTickets for help on using tickets.