CVE-2021-41581 — Out-of-bounds Read in Libressl

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 46.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Libressl

Timeline

PublishedSep 24

Latest updateMay 24

Description

x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL through 3.4.0 has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks '\0' termination.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

▶NVDopenbsd/libressl3.4.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-675w-hmxx-cvf3: x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints↗2022-05-24

▶

CVEList

CVE-2021-41581: x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints↗2021-09-24

▶