CVE - CVE-2021-3711

CVE-ID
CVE-2021-3711	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf URL:https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf CONFIRM:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46 URL:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46 CONFIRM:https://security.netapp.com/advisory/ntap-20210827-0010/ URL:https://security.netapp.com/advisory/ntap-20210827-0010/ CONFIRM:https://security.netapp.com/advisory/ntap-20211022-0003/ URL:https://security.netapp.com/advisory/ntap-20211022-0003/ CONFIRM:https://www.openssl.org/news/secadv/20210824.txt URL:https://www.openssl.org/news/secadv/20210824.txt CONFIRM:https://www.tenable.com/security/tns-2021-16 URL:https://www.tenable.com/security/tns-2021-16 CONFIRM:https://www.tenable.com/security/tns-2022-02 URL:https://www.tenable.com/security/tns-2022-02 DEBIAN:DSA-4963 URL:https://www.debian.org/security/2021/dsa-4963 GENTOO:GLSA-202209-02 URL:https://security.gentoo.org/glsa/202209-02 GENTOO:GLSA-202210-02 URL:https://security.gentoo.org/glsa/202210-02 MISC:https://www.oracle.com/security-alerts/cpuapr2022.html URL:https://www.oracle.com/security-alerts/cpuapr2022.html MISC:https://www.oracle.com/security-alerts/cpujan2022.html URL:https://www.oracle.com/security-alerts/cpujan2022.html MISC:https://www.oracle.com/security-alerts/cpuoct2021.html URL:https://www.oracle.com/security-alerts/cpuoct2021.html MLIST:[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712) URL:http://www.openwall.com/lists/oss-security/2021/08/26/2 MLIST:[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release? URL:https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E MLIST:[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release? URL:https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
Assigning CNA
OpenSSL Software Foundation
Date Record Created
20210816	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20210816)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)