CVE-2021-3449

CWE-476 — NULL Pointer Dereference CWE-295 — Improper Certificate Validation15 documents11 sources

Severity

5.9MEDIUM

EPSS

9.9%

top 7.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Nodejs Node.js Openssl Openssl Oracle JD Edwards Enterpriseone Tools +65 more

Timeline

PublishedMar 25

Latest updateOct 12

Description

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). O…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages68 packages

▶crates.ioopenssl-src0.0.0-0 — 111.15.0+1

▶NVDopenssl/openssl1.1.1 — 1.1.1k

▶Debianopenssl< 1.1.1k-1+3

▶CVEListV5openssl/opensslFixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)

▶NVDoracle/mysql_server8.0.15 — 8.0.23+1

Also affects: Freebsd 12.2, Debian Linux 10.0, 9.0, Fedora 34

Patches

Patch: cert-portal.siemens.com ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

OSV

openssl-src NULL pointer Dereference in signature_algorithms processing↗2021-08-25

▶

GHSA

openssl-src NULL pointer Dereference in signature_algorithms processing↗2021-08-25

▶

OSV

postgresql-10, postgresql-12, postgresql-13 vulnerabilities↗2021-08-12

▶

OSV

NULL pointer deref in signature_algorithms processing↗2021-05-01

▶

OSV

CVE-2021-3449: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client↗2021-03-25

▶

📋Vendor Advisories

Microsoft

OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing↗2021-10-12

▶

Ubuntu

PostgreSQL vulnerabilities↗2021-08-12

▶

Oracle

Oracle Oracle MySQL Risk Matrix: Server: Packaging (OpenSSL) — CVE-2021-3449↗2021-04-15

▶

BSD

FreeBSD-SA-21:07.openssl: Multiple vulnerabilities in OpenSSL↗2021-03-25

▶

Ubuntu

OpenSSL vulnerability↗2021-03-25

▶