CVE-2021-23841: Null pointer deref in X509_issuer_and_serial_hash()
First published: Tue Feb 16 2021(Updated: )
Last updated 24 July 2024
Credit: Tavis Ormandy GoogleTavis Ormandy GoogleTavis Ormandy GoogleTavis Ormandy GoogleTavis Ormandy GoogleTavis Ormandy Google openssl-security@openssl.org openssl-security@openssl.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/jbcs-httpd24-apr | <0:1.6.3-107.el8 | 0:1.6.3-107.el8 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-84.el8 | 0:1.6.1-84.el8 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-2.el8 | 0:7.78.0-2.el8 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-78.el8 | 0:2.4.37-78.el8 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-39.el8 | 0:1.39.2-39.el8 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-8.el8 | 1:1.1.1g-8.el8 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-7.el8 | 0:1.0.0-7.el8 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-22.el8 | 0:0.4.10-22.el8 |
| redhat/jbcs-httpd24-apr | <0:1.6.3-107.jbcs.el7 | 0:1.6.3-107.jbcs.el7 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-84.jbcs.el7 | 0:1.6.1-84.jbcs.el7 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-2.jbcs.el7 | 0:7.78.0-2.jbcs.el7 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-78.jbcs.el7 | 0:2.4.37-78.jbcs.el7 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-39.jbcs.el7 | 0:1.39.2-39.jbcs.el7 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-8.jbcs.el7 | 1:1.1.1g-8.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-7.jbcs.el7 | 0:1.0.0-7.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-22.jbcs.el7 | 0:0.4.10-22.jbcs.el7 |
| redhat/openssl | <1:1.0.2k-22.el7_9 | 1:1.0.2k-22.el7_9 |
| redhat/edk2 | <0:20210527gite1999b264f1f-3.el8 | 0:20210527gite1999b264f1f-3.el8 |
| redhat/openssl | <1:1.1.1k-4.el8 | 1:1.1.1k-4.el8 |
| redhat/jws5-tomcat | <0:9.0.50-3.redhat_00004.1.el7 | 0:9.0.50-3.redhat_00004.1.el7 |
| redhat/jws5-tomcat-native | <0:1.2.30-3.redhat_3.el7 | 0:1.2.30-3.redhat_3.el7 |
| redhat/jws5-tomcat-vault | <0:1.1.8-4.Final_redhat_00004.1.el7 | 0:1.1.8-4.Final_redhat_00004.1.el7 |
| redhat/jws5-tomcat | <0:9.0.50-3.redhat_00004.1.el8 | 0:9.0.50-3.redhat_00004.1.el8 |
| redhat/jws5-tomcat-native | <0:1.2.30-3.redhat_3.el8 | 0:1.2.30-3.redhat_3.el8 |
| redhat/jws5-tomcat-vault | <0:1.1.8-4.Final_redhat_00004.1.el8 | 0:1.1.8-4.Final_redhat_00004.1.el8 |
| Apple Safari | <14.1.1 | 14.1.1 |
| Apple macOS Big Sur | <11.4 | 11.4 |
| Apple iOS | <14.6 | 14.6 |
| Apple iPadOS | <14.6 | 14.6 |
| OpenSSL OpenSSL | >=1.0.2<1.0.2y | |
| OpenSSL OpenSSL | >=1.1.1<1.1.1j | |
| Debian Debian Linux | =10.0 | |
| Tenable Nessus Network Monitor | =5.11.0 | |
| Tenable Nessus Network Monitor | =5.11.1 | |
| Tenable Nessus Network Monitor | =5.12.0 | |
| Tenable Nessus Network Monitor | =5.12.1 | |
| Tenable Nessus Network Monitor | =5.13.0 | |
| Tenable Tenable.sc | >=5.13.0<=5.17.0 | |
| Apple Safari | <14.1.1 | |
| Apple iPadOS | <14.6 | |
| Apple iPhone OS | <14.6 | |
| Apple macOS | >=11.1<11.4 | |
| NetApp OnCommand Insight | ||
| NetApp OnCommand Workflow Automation | ||
| Netapp Snapcenter | ||
| Oracle Business Intelligence | =5.5.0.0.0 | |
| Oracle Business Intelligence | =5.9.0.0.0 | |
| Oracle Business Intelligence | =12.2.1.3.0 | |
| Oracle Business Intelligence | =12.2.1.4.0 | |
| Oracle Communications Cloud Native Core Policy | =1.15.0 | |
| Oracle Enterprise Manager For Storage Management | =13.4.0.0 | |
| Oracle Enterprise Manager Ops Center | =12.4.0.0 | |
| Oracle Essbase | =21.2 | |
| Oracle GraalVM | =19.3.5 | |
| Oracle GraalVM | =20.3.1.2 | |
| Oracle GraalVM | =21.0.0.2 | |
| Oracle Jd Edwards World Security | =a9.4 | |
| Oracle Mysql Enterprise Monitor | <8.0.23 | |
| Oracle Mysql Server | <5.7.33 | |
| Oracle Mysql Server | >=8.0.15<8.0.23 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.57 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.58 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.59 | |
| Oracle ZFS Storage Appliance Kit | =8.8 | |
| Siemens Sinec Ins | <1.0 | |
| Siemens Sinec Ins | =1.0 | |
| Siemens Sinec Ins | =1.0-sp1 | |
| IBM Security Verify Bridge | <=All | |
| redhat/openssl | <1.1.1 | 1.1.1 |
| redhat/openssl | <1.0.2 | 1.0.2 |
| debian/openssl | 1.1.1w-0+deb11u1 1.1.1w-0+deb11u2 3.0.15-1~deb12u1 3.0.14-1~deb12u2 3.3.2-2 |
Remedy
As per upstream "The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources."
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-23841 https://nvd.nist.gov/vuln/detail/CVE-2021-23841 https://www.openssl.org/news/secadv/20210216.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=1930310
- https://access.redhat.com/errata/RHSA-2021:4614
- https://access.redhat.com/errata/RHSA-2021:3016
- https://access.redhat.com/errata/RHSA-2021:3798
- https://access.redhat.com/errata/RHSA-2021:4198
- https://access.redhat.com/errata/RHSA-2021:4424
- https://access.redhat.com/errata/RHSA-2021:4613
- https://access.redhat.com/errata/RHSA-2021:4863
- https://access.redhat.com/errata/RHSA-2021:4861
- https://access.redhat.com/security/cve/cve-2021-23841
- https://support.apple.com/en-us/HT212534 (Advisory)
- https://www.openssl.org/news/secadv/20210216.txt
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
- https://security-tracker.debian.org/tracker/CVE-2021-23841
- https://support.apple.com/en-us/HT212529 (Advisory)
- https://support.apple.com/en-us/HT212528 (Advisory)
- http://seclists.org/fulldisclosure/2021/May/67
- http://seclists.org/fulldisclosure/2021/May/68
- http://seclists.org/fulldisclosure/2021/May/70
- https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
- https://security.gentoo.org/glsa/202103-03
- https://security.netapp.com/advisory/ntap-20210219-0009/
- https://security.netapp.com/advisory/ntap-20210513-0002/
- https://support.apple.com/kb/HT212528
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212534
- https://www.debian.org/security/2021/dsa-4855
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.tenable.com/security/tns-2021-03
- https://www.tenable.com/security/tns-2021-09
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930313
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930312
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930311
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930315
- https://github.com/openssl/openssl/commit/8130d654d1de922ea224fa18ee3bc7262edc39c0
- https://github.com/openssl/openssl/commit/55869f594f052561b11a2db6a7c42690051868de
- https://access.redhat.com/support/policy/updates/jboss_notes
- https://access.redhat.com/errata/RHSA-2021:1168
- https://access.redhat.com/security/cve/cve-2021-23840
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/196847
- https://www.ibm.com/support/pages/node/6491653 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
- https://nvd.nist.gov/vuln/detail/CVE-2021-23841
- https://launchpad.net/bugs/cve/CVE-2021-23841
- https://ubuntu.com/security/CVE-2021-23841
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30749
- CVE-2021-30734
- CVE-2021-30744
- CVE-2021-30720
- CVE-2021-30682
- CVE-2021-21779
- CVE-2021-30689
- CVE-2021-30663
- CVE-2021-23841
- CVE-2021-30698
- CVE-2021-30678
- CVE-2021-30676
- CVE-2021-30688
- CVE-2021-30669
- CVE-2021-30707
- CVE-2021-30685
- CVE-2021-30672
- CVE-2021-30681
- CVE-2021-30686
- CVE-2021-30733
- CVE-2021-30753
- CVE-2021-30727
- CVE-2021-30724
- CVE-2021-30673
- CVE-2021-30771
- CVE-2021-30755
- CVE-2021-30684
- CVE-2021-30735
- CVE-2021-30697
- CVE-2021-30710
- CVE-2021-30683
- CVE-2021-30687
- CVE-2021-30700
- CVE-2021-30701
- CVE-2021-30705
- CVE-2021-30706
- CVE-2021-30719
- CVE-2021-30728
- CVE-2021-30726
- CVE-2021-30731
- CVE-2021-30740
- CVE-2021-30704
- CVE-2021-30715
- CVE-2021-30736
- CVE-2021-30739
- CVE-2021-30703
- CVE-2021-30680
- CVE-2021-30677
- CVE-2021-30702
- CVE-2021-30696
- CVE-2021-30756
- CVE-2021-30723
- CVE-2021-30691
- CVE-2021-30692
- CVE-2021-30694
- CVE-2021-30725
- CVE-2021-30746
- CVE-2021-30693
- CVE-2021-30695
- CVE-2021-30708
- CVE-2021-30709
- CVE-2021-30679
- CVE-2020-36226
- CVE-2020-36227
- CVE-2020-36223
- CVE-2020-36224
- CVE-2020-36225
- CVE-2020-36221
- CVE-2020-36228
- CVE-2020-36222
- CVE-2020-36230
- CVE-2020-36229
- CVE-2021-30738
- CVE-2021-30751
- CVE-2021-30737
- CVE-2021-30716
- CVE-2021-30717
- CVE-2021-30721
- CVE-2021-30722
- CVE-2021-30712
- CVE-2021-30668
- CVE-2021-30718
- CVE-2021-30671
- CVE-2021-30713
- CVE-2021-30714
- CVE-2021-30729
- CVE-2021-30674
- CVE-2021-30741
- CVE-2021-1821
- CVE-2021-30699
- CVE-2021-30999
- CVE-2021-30667
Frequently Asked Questions
What is CVE-2021-23841?
CVE-2021-23841 is a vulnerability that involves a null pointer dereference in the OpenSSL public API function X509_issuer_and_serial_hash().
What is the severity of CVE-2021-23841?
The severity of CVE-2021-23841 is medium with a CVSS score of 5.9.
How does CVE-2021-23841 affect Safari?
CVE-2021-23841 may affect Safari users, but it is recommended to refer to Apple's support page for specific information and remedies.
How do I fix CVE-2021-23841 on Red Hat products?
To fix CVE-2021-23841 on Red Hat products, update the affected packages to the specified versions provided by Red Hat.
What are the references for CVE-2021-23841?
The references for CVE-2021-23841 can be found at the following URLs: 1. [Apple Support - HT212529](https://support.apple.com/en-us/HT212529) 2. [Apple Support - HT212534](https://support.apple.com/en-us/HT212534) 3. [Apple Support - HT212528](https://support.apple.com/en-us/HT212528)
- collector/redhat-cve
- collector/apple-support
- alias/CVE-2021-30698
- agent/first-publish-date
- agent/type
- agent/software-canonical-lookup-request
- agent/severity
- agent/remedy
- agent/weakness
- collector/nvd-index
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-23841
- agent/software-canonical-lookup
- agent/title
- collector/nvd-api
- source/NVD
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/softwarecombine
- collector/ibm-support
- source/IBM
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/launchpad-cve
- source/Launchpad
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- package-manager/redhat
- vendor/apple
- canonical/apple safari
- canonical/apple macos big sur
- canonical/apple ios
- canonical/apple ipados
- vendor/openssl
- canonical/openssl openssl
- version/openssl openssl/1.0.2
- version/openssl openssl/1.1.1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- vendor/tenable
- canonical/tenable nessus network monitor
- version/tenable nessus network monitor/5.11.0
- version/tenable nessus network monitor/5.11.1
- version/tenable nessus network monitor/5.12.0
- version/tenable nessus network monitor/5.12.1
- version/tenable nessus network monitor/5.13.0
- canonical/tenable tenable.sc
- version/tenable tenable.sc/5.13.0
- version/tenable tenable.sc/5.17.0
- canonical/apple iphone os
- canonical/apple macos
- version/apple macos/11.1
- vendor/netapp
- canonical/netapp oncommand insight
- canonical/netapp oncommand workflow automation
- canonical/netapp snapcenter
- vendor/oracle
- canonical/oracle business intelligence
- version/oracle business intelligence/5.5.0.0.0
- version/oracle business intelligence/5.9.0.0.0
- version/oracle business intelligence/12.2.1.3.0
- version/oracle business intelligence/12.2.1.4.0
- canonical/oracle communications cloud native core policy
- version/oracle communications cloud native core policy/1.15.0
- canonical/oracle enterprise manager for storage management
- version/oracle enterprise manager for storage management/13.4.0.0
- canonical/oracle enterprise manager ops center
- version/oracle enterprise manager ops center/12.4.0.0
- canonical/oracle essbase
- version/oracle essbase/21.2
- canonical/oracle graalvm
- version/oracle graalvm/19.3.5
- version/oracle graalvm/20.3.1.2
- version/oracle graalvm/21.0.0.2
- canonical/oracle jd edwards world security
- version/oracle jd edwards world security/a9.4
- canonical/oracle mysql enterprise monitor
- canonical/oracle mysql server
- version/oracle mysql server/8.0.15
- canonical/oracle peoplesoft enterprise peopletools
- version/oracle peoplesoft enterprise peopletools/8.57
- version/oracle peoplesoft enterprise peopletools/8.58
- version/oracle peoplesoft enterprise peopletools/8.59
- canonical/oracle zfs storage appliance kit
- version/oracle zfs storage appliance kit/8.8
- vendor/siemens
- canonical/siemens sinec ins
- version/siemens sinec ins/1.0
- version/siemens sinec ins/1.0-sp1
- vendor/ibm
- canonical/ibm security verify bridge
- version/ibm security verify bridge/all
- package-manager/debian