CVE-2021-3449

MEDIUM5.9EPSS 9.9%

NULL pointer deref in signature_algorithms processing

Published: 8/25/2021Modified: 12/16/2024

Also known as:GHSA-83mx-573x-5rw9ALPINE-CVE-2021-3449BIT-node-2021-3449BIT-node-min-2021-3449RUSTSEC-2021-0055

Description

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue.

Affected packages (8)

Alpine/opensslfrom 0, < 1.1.1k-r0
Alpine/openssl3from 0, < 1.1.1k-r0
Bitnami/node>= 10.0.0, < 10.12.1, >= 10.13.0, < 10.24.1, >= 12.0.0, < 12.12.1, >= 12.13.0, < 12.22.1, >= 14.0.0, < 14.14.1, >= 14.15.0, < 14.16.1, >= 15.0.0, < 15.14.0
Bitnami/node-min>= 10.0.0, < 10.12.1, >= 10.13.0, < 10.24.1, >= 12.0.0, < 12.12.1, >= 12.13.0, < 12.22.1, >= 14.0.0, < 14.14.1, >= 14.15.0, < 14.16.1, >= 15.0.0, < 15.14.0
crates.io/openssl-src>= 0.0.0-0, < 111.15.0
crates.io/openssl-srcfrom 0, < 111.15.0
Debian/opensslfrom 0, < 1.1.1d-0+deb10u6
Debian/opensslfrom 0, < 1.1.1k-1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

Affected packages (8)

CVSS scores

References (40)