NULL Pointer Dereference

Affecting openssl package, versions <1.1.1-1ubuntu2.1~18.04.9

Report new vulnerabilities
Do your applications use this vulnerable package? Test your applications

NVD Description

Note: Versions mentioned in the description apply to the upstream openssl package. See Remediation section below for Ubuntu:18.04 relevant versions.

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

Remediation

Upgrade Ubuntu:18.04 openssl to version 1.1.1-1ubuntu2.1~18.04.9 or higher.

References

CVSS Score

5.9
high severity
  • Attack Vector
    Network
  • Attack Complexity
    High
  • Privileges Required
    None
  • User Interaction
    None
  • Scope
    Unchanged
  • Confidentiality
    None
  • Integrity
    None
  • Availability
    High
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE
CVE-2021-3449
CWE
CWE-476
Snyk ID
SNYK-UBUNTU1804-OPENSSL-1089073
Disclosed
25 Mar, 2021
Published
25 Mar, 2021