GHSA-83mx-573x-5rw9

Suggest an improvement
Source
https://github.com/advisories/GHSA-83mx-573x-5rw9
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-83mx-573x-5rw9/GHSA-83mx-573x-5rw9.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-83mx-573x-5rw9
Aliases
Published
2021-08-25T20:54:02Z
Modified
2023-12-06T00:46:15.842728Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
openssl-src NULL pointer Dereference in signature_algorithms processing
Details

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension (where it was present in the initial ClientHello), but includes a signaturealgorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

References

Affected packages

crates.io / openssl-src

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
111.15.0