低危 openssl openssl 空指针解引用

CVE编号

CVE-2021-3449

利用情况

POC 已公开

补丁情况

官方补丁

披露时间

2021-03-26 04:15:00
漏洞描述
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
解决建议
厂商已发布了漏洞修复程序,请及时关注更新:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
应用 openssl openssl * From
(including)
1.1.1
Up to
(excluding)
1.1.1k
2
运行在以下环境
系统 alpine_3.12 openssl * Up to
(excluding)
1.1.1k-r0
3
运行在以下环境
系统 alpine_3.13 openssl * Up to
(excluding)
1.1.1k-r0
4
运行在以下环境
系统 alpine_3.10 openssl * Up to
(excluding)
1.1.1k-r0
5
运行在以下环境
系统 amazon_2 openssl * Up to
(excluding)
1.1.1g-12.amzn2.0.3
6
运行在以下环境
系统 alpine_edge openssl * Up to
(excluding)
1.30.1-r0
7
运行在以下环境
系统 suse_12_SP5 openssl * Up to
(excluding)
1.1.1d-2.33.1
8
运行在以下环境
系统 oracle_8 openssl * Up to
(excluding)
1.1.1g-15.el8_3
9
运行在以下环境
系统 fedora_EPEL_7 openssl * Up to
(excluding)
1.1.1g-3.el7
10
运行在以下环境
系统 fedora_34 openssl * Up to
(excluding)
1.1.1k-1.fc34
11
运行在以下环境
系统 opensuse_Leap_15.2 openssl * Up to
(excluding)
1.1.1d-lp152.7.15.1
12
运行在以下环境
系统 opensuse_Leap_15.3 openssl * Up to
(excluding)
10.24.1-1.36.1
13
运行在以下环境
系统 opensuse_Leap_15.2 openssl * Up to
(excluding)
12.22.2-lp152.3.15.1
14
运行在以下环境
系统 opensuse_Leap_15.3 openssl * Up to
(excluding)
12.22.2-4.16.1
15
运行在以下环境
系统 opensuse_Leap_15.2 openssl * Up to
(excluding)
10.24.1-lp152.2.15.1
16
运行在以下环境
系统 suse_12_SP5 openssl * Up to
(excluding)
1.1.1d-2.33.1
17
运行在以下环境
系统 fedora_EPEL_7 openssl * Up to
(excluding)
1.1.1g-3.el7
18
运行在以下环境
系统 opensuse_Leap_15.2 openssl * Up to
(excluding)
1.1.1d-lp152.7.15.1
19
运行在以下环境
系统 alpine_3.14 openssl * Up to
(excluding)
1.30.1-r0
20
运行在以下环境
系统 ubuntu_21.04 openssl * Up to
(excluding)
13.4-0ubuntu0.21.04.1
21
运行在以下环境
系统 ubuntu_20.04 openssl * Up to
(excluding)
1.1.1f-1ubuntu2.3
22
运行在以下环境
系统 ubuntu_18.04 openssl * Up to
(excluding)
10.18-0ubuntu0.18.04.1
23
运行在以下环境
系统 opensuse_Leap_15.3 openssl * Up to
(excluding)
10.24.1-1.36.1
24
运行在以下环境
系统 opensuse_Leap_15.2 openssl * Up to
(excluding)
12.22.2-lp152.3.15.1
25
运行在以下环境
系统 opensuse_Leap_15.3 openssl * Up to
(excluding)
12.22.2-4.16.1
26
运行在以下环境
系统 opensuse_Leap_15.2 openssl * Up to
(excluding)
10.24.1-lp152.2.15.1
27
运行在以下环境
系统 suse_12_SP5 openssl * Up to
(excluding)
1.1.1d-2.33.1
28
运行在以下环境
系统 fedora_EPEL_7 openssl * Up to
(excluding)
1.1.1g-3.el7
29
运行在以下环境
系统 redhat_8 openssl * Up to
(excluding)
1.1.1g-15.el8_3
30
运行在以下环境
系统 centos_8 openssl * Up to
(excluding)
1.1.1g-15.el8_3
31
运行在以下环境
系统 opensuse_Leap_15.2 openssl * Up to
(excluding)
1.1.1d-lp152.7.15.1
32
运行在以下环境
系统 alpine_3.9 openssl * Up to
(excluding)
1.1.1k-r0
33
运行在以下环境
系统 debian_11 openssl * Up to
(excluding)
1.1.1j-1
34
运行在以下环境
系统 debian_9 openssl * Up to
(excluding)
1.1.0f-3+deb9u2
35
运行在以下环境
系统 debian_10 openssl * Up to
(excluding)
1.1.1d-0+deb10u6
36
运行在以下环境
系统 alpine_3.11 openssl * Up to
(excluding)
1.1.1k-r0
阿里云评分
3.6
  • 攻击路径
    本地
  • 攻击复杂度
    困难
  • 权限要求
    普通权限
  • 影响范围
    有限影响
  • EXP成熟度
    POC 已公开
  • 补丁情况
    官方补丁
  • 数据保密性
    无影响
  • 数据完整性
    无影响
  • 服务器危害
    DoS
  • 全网数量
    N/A
CWE-ID 漏洞类型
CWE-476 空指针解引用
阿里云安全产品覆盖情况