Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2021-3711 First vendor Publication 2021-08-24
Vendor Cve Last vendor Modification 2021-10-22

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 9.8
Base Score 9.8 Environmental Score 9.8
impact SubScore 5.9 Temporal Score 9.8
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Application 2
Application 1
Application 1
Application 1
Application 1
Application 1
Application 355
Os 2

Sources (Detail)

Source Url
CONFIRM https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc...
https://security.netapp.com/advisory/ntap-20210827-0010/
https://security.netapp.com/advisory/ntap-20211022-0003/
https://www.openssl.org/news/secadv/20210824.txt
https://www.tenable.com/security/tns-2021-16
DEBIAN https://www.debian.org/security/2021/dsa-4963
MISC https://www.oracle.com/security-alerts/cpuoct2021.html
MLIST http://www.openwall.com/lists/oss-security/2021/08/26/2
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249...
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
Date Informations
2021-10-23 00:23:13
  • Multiple Updates
2021-10-20 17:23:10
  • Multiple Updates
2021-09-23 00:23:11
  • Multiple Updates
2021-08-31 21:23:13
  • Multiple Updates
2021-08-27 13:22:55
  • Multiple Updates
2021-08-26 21:23:11
  • Multiple Updates
2021-08-26 13:22:49
  • Multiple Updates
2021-08-25 17:22:48
  • Multiple Updates
2021-08-25 05:22:51
  • Multiple Updates
2021-08-24 21:23:11
  • First insertion