CVE-2021-23841: Null pointer deref in X509_issuer_and_serial_hash()
First published: Tue Feb 16 2021(Updated: )
Last updated 24 July 2024
Credit: Tavis Ormandy Google openssl-security@openssl.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/jbcs-httpd24-apr | <0:1.6.3-107.el8 | 0:1.6.3-107.el8 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-84.el8 | 0:1.6.1-84.el8 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-2.el8 | 0:7.78.0-2.el8 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-78.el8 | 0:2.4.37-78.el8 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-39.el8 | 0:1.39.2-39.el8 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-8.el8 | 1:1.1.1g-8.el8 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-7.el8 | 0:1.0.0-7.el8 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-22.el8 | 0:0.4.10-22.el8 |
| redhat/jbcs-httpd24-apr | <0:1.6.3-107.jbcs.el7 | 0:1.6.3-107.jbcs.el7 |
| redhat/jbcs-httpd24-apr-util | <0:1.6.1-84.jbcs.el7 | 0:1.6.1-84.jbcs.el7 |
| redhat/jbcs-httpd24-curl | <0:7.78.0-2.jbcs.el7 | 0:7.78.0-2.jbcs.el7 |
| redhat/jbcs-httpd24-httpd | <0:2.4.37-78.jbcs.el7 | 0:2.4.37-78.jbcs.el7 |
| redhat/jbcs-httpd24-nghttp2 | <0:1.39.2-39.jbcs.el7 | 0:1.39.2-39.jbcs.el7 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1g-8.jbcs.el7 | 1:1.1.1g-8.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-chil | <0:1.0.0-7.jbcs.el7 | 0:1.0.0-7.jbcs.el7 |
| redhat/jbcs-httpd24-openssl-pkcs11 | <0:0.4.10-22.jbcs.el7 | 0:0.4.10-22.jbcs.el7 |
| redhat/openssl | <1:1.0.2k-22.el7_9 | 1:1.0.2k-22.el7_9 |
| redhat/edk2 | <0:20210527gite1999b264f1f-3.el8 | 0:20210527gite1999b264f1f-3.el8 |
| redhat/openssl | <1:1.1.1k-4.el8 | 1:1.1.1k-4.el8 |
| redhat/jws5-tomcat | <0:9.0.50-3.redhat_00004.1.el7 | 0:9.0.50-3.redhat_00004.1.el7 |
| redhat/jws5-tomcat-native | <0:1.2.30-3.redhat_3.el7 | 0:1.2.30-3.redhat_3.el7 |
| redhat/jws5-tomcat-vault | <0:1.1.8-4.Final_redhat_00004.1.el7 | 0:1.1.8-4.Final_redhat_00004.1.el7 |
| redhat/jws5-tomcat | <0:9.0.50-3.redhat_00004.1.el8 | 0:9.0.50-3.redhat_00004.1.el8 |
| redhat/jws5-tomcat-native | <0:1.2.30-3.redhat_3.el8 | 0:1.2.30-3.redhat_3.el8 |
| redhat/jws5-tomcat-vault | <0:1.1.8-4.Final_redhat_00004.1.el8 | 0:1.1.8-4.Final_redhat_00004.1.el8 |
| IBM Security Verify Bridge | <=All | |
| redhat/openssl | <1.1.1 | 1.1.1 |
| redhat/openssl | <1.0.2 | 1.0.2 |
| Apple macOS | <11.4 | 11.4 |
| Apple Mobile Safari | <14.1.1 | 14.1.1 |
| Apple iOS, iPadOS, and watchOS | <14.6 | 14.6 |
| Apple iOS, iPadOS, and watchOS | <14.6 | 14.6 |
| OpenSSL libcrypto | >=1.0.2<1.0.2y | |
| OpenSSL libcrypto | >=1.1.1<1.1.1j | |
| Debian | =10.0 | |
| Tenable Nessus Network Monitor | =5.11.0 | |
| Tenable Nessus Network Monitor | =5.11.1 | |
| Tenable Nessus Network Monitor | =5.12.0 | |
| Tenable Nessus Network Monitor | =5.12.1 | |
| Tenable Nessus Network Monitor | =5.13.0 | |
| tenable tenable.sc | >=5.13.0<=5.17.0 | |
| Apple Mobile Safari | <14.1.1 | |
| Apple iOS, iPadOS, and watchOS | <14.6 | |
| iOS | <14.6 | |
| Apple iOS and macOS | >=11.1<11.4 | |
| NetApp OnCommand Insight | ||
| NetApp OnCommand Workflow Automation | ||
| NetApp SnapCenter | ||
| Oracle Business Intelligence Enterprise Edition | =5.5.0.0.0 | |
| Oracle Business Intelligence Enterprise Edition | =5.9.0.0.0 | |
| Oracle Business Intelligence Enterprise Edition | =12.2.1.3.0 | |
| Oracle Business Intelligence Enterprise Edition | =12.2.1.4.0 | |
| oracle communications Cloud native core policy | =1.15.0 | |
| oracle enterprise manager for storage management | =13.4.0.0 | |
| Oracle Enterprise Manager Ops Center | =12.4.0.0 | |
| Oracle Hyperion Essbase | =21.2 | |
| Oracle GraalVM Enterprise Edition | =19.3.5 | |
| Oracle GraalVM Enterprise Edition | =20.3.1.2 | |
| Oracle GraalVM Enterprise Edition | =21.0.0.2 | |
| oracle jd edwards world security | =a9.4 | |
| MySQL Enterprise Monitor | <8.0.23 | |
| MySQL | <5.7.33 | |
| MySQL | >=8.0.15<8.0.23 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.57 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.58 | |
| Oracle PeopleSoft Enterprise PeopleTools | =8.59 | |
| Oracle Sun ZFS Storage Appliance Kit | =8.8 | |
| siemens sinec ins | <1.0 | |
| siemens sinec ins | =1.0 | |
| siemens sinec ins | =1.0-sp1 | |
| debian/openssl | 1.1.1w-0+deb11u1 1.1.1w-0+deb11u2 3.0.15-1~deb12u1 3.0.14-1~deb12u2 3.4.1-1 |
Remedy
As per upstream "The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources."
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-23841 https://nvd.nist.gov/vuln/detail/CVE-2021-23841 https://www.openssl.org/news/secadv/20210216.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=1930310
- https://access.redhat.com/errata/RHSA-2021:4614
- https://access.redhat.com/errata/RHSA-2021:3016
- https://access.redhat.com/errata/RHSA-2021:3798
- https://access.redhat.com/errata/RHSA-2021:4198
- https://access.redhat.com/errata/RHSA-2021:4424
- https://access.redhat.com/errata/RHSA-2021:4613
- https://access.redhat.com/errata/RHSA-2021:4863
- https://access.redhat.com/errata/RHSA-2021:4861
- https://access.redhat.com/security/cve/cve-2021-23841
- https://support.apple.com/en-us/HT212534 (Advisory)
- https://www.openssl.org/news/secadv/20210216.txt
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
- https://security-tracker.debian.org/tracker/CVE-2021-23841
- https://support.apple.com/en-us/HT212529 (Advisory)
- https://support.apple.com/en-us/HT212528 (Advisory)
- http://seclists.org/fulldisclosure/2021/May/67
- http://seclists.org/fulldisclosure/2021/May/68
- http://seclists.org/fulldisclosure/2021/May/70
- https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
- https://security.gentoo.org/glsa/202103-03
- https://security.netapp.com/advisory/ntap-20210219-0009/
- https://security.netapp.com/advisory/ntap-20210513-0002/
- https://support.apple.com/kb/HT212528
- https://support.apple.com/kb/HT212529
- https://support.apple.com/kb/HT212534
- https://www.debian.org/security/2021/dsa-4855
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.tenable.com/security/tns-2021-03
- https://www.tenable.com/security/tns-2021-09
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930313
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930312
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930311
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1930315
- https://github.com/openssl/openssl/commit/8130d654d1de922ea224fa18ee3bc7262edc39c0
- https://github.com/openssl/openssl/commit/55869f594f052561b11a2db6a7c42690051868de
- https://access.redhat.com/support/policy/updates/jboss_notes
- https://access.redhat.com/errata/RHSA-2021:1168
- https://access.redhat.com/security/cve/cve-2021-23840
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/196847
- https://www.ibm.com/support/pages/node/6491653 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
- https://nvd.nist.gov/vuln/detail/CVE-2021-23841
- https://launchpad.net/bugs/cve/CVE-2021-23841
- https://ubuntu.com/security/CVE-2021-23841
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30678
- CVE-2021-30676
- CVE-2021-30688
- CVE-2021-30669
- CVE-2021-30707
- CVE-2021-30685
- CVE-2021-30672
- CVE-2021-30681
- CVE-2021-30686
- CVE-2021-30733
- CVE-2021-30753
- CVE-2021-30727
- CVE-2021-30724
- CVE-2021-30673
- CVE-2021-30771
- CVE-2021-30755
- CVE-2021-30684
- CVE-2021-30735
- CVE-2021-30697
- CVE-2021-30710
- CVE-2021-30683
- CVE-2021-30687
- CVE-2021-30700
- CVE-2021-30701
- CVE-2021-30705
- CVE-2021-30706
- CVE-2021-30719
- CVE-2021-30728
- CVE-2021-30726
- CVE-2021-30731
- CVE-2021-30740
- CVE-2021-30704
- CVE-2021-30715
- CVE-2021-30736
- CVE-2021-30739
- CVE-2021-30703
- CVE-2021-30680
- CVE-2021-30677
- CVE-2021-30702
- CVE-2021-30696
- CVE-2021-30756
- CVE-2021-30723
- CVE-2021-30691
- CVE-2021-30692
- CVE-2021-30694
- CVE-2021-30725
- CVE-2021-30746
- CVE-2021-30693
- CVE-2021-30695
- CVE-2021-30708
- CVE-2021-30709
- CVE-2021-30679
- CVE-2020-36226
- CVE-2020-36227
- CVE-2020-36223
- CVE-2020-36224
- CVE-2020-36225
- CVE-2020-36221
- CVE-2020-36228
- CVE-2020-36222
- CVE-2020-36230
- CVE-2020-36229
- CVE-2021-30738
- CVE-2021-30751
- CVE-2021-30737
- CVE-2021-30716
- CVE-2021-30717
- CVE-2021-30721
- CVE-2021-30722
- CVE-2021-30712
- CVE-2021-30668
- CVE-2021-30718
- CVE-2021-30671
- CVE-2021-30713
- CVE-2021-30744
- CVE-2021-21779
- CVE-2021-30682
- CVE-2021-30689
- CVE-2021-30749
- CVE-2021-30734
- CVE-2021-30720
- CVE-2021-23841
- CVE-2021-30698
- CVE-2021-30663
- CVE-2021-30714
- CVE-2021-30729
- CVE-2021-30674
- CVE-2021-30741
- CVE-2021-1821
- CVE-2021-30699
- CVE-2021-30999
- CVE-2021-30667
Frequently Asked Questions
What is CVE-2021-23841?
CVE-2021-23841 is a vulnerability that involves a null pointer dereference in the OpenSSL public API function X509_issuer_and_serial_hash().
What is the severity of CVE-2021-23841?
The severity of CVE-2021-23841 is medium with a CVSS score of 5.9.
How does CVE-2021-23841 affect Safari?
CVE-2021-23841 may affect Safari users, but it is recommended to refer to Apple's support page for specific information and remedies.
How do I fix CVE-2021-23841 on Red Hat products?
To fix CVE-2021-23841 on Red Hat products, update the affected packages to the specified versions provided by Red Hat.
What are the references for CVE-2021-23841?
The references for CVE-2021-23841 can be found at the following URLs: 1. [Apple Support - HT212529](https://support.apple.com/en-us/HT212529) 2. [Apple Support - HT212534](https://support.apple.com/en-us/HT212534) 3. [Apple Support - HT212528](https://support.apple.com/en-us/HT212528)
- collector/redhat-cve
- agent/first-publish-date
- agent/type
- agent/severity
- agent/remedy
- agent/weakness
- agent/title
- collector/mitre-cve
- source/MITRE
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- collector/launchpad-cve
- source/Launchpad
- agent/trending
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-23841
- agent/last-modified-date
- collector/apple-support
- alias/CVE-2021-30698
- agent/software-canonical-lookup-request
- agent/source
- agent/author
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- collector/nvd-index
- agent/event
- agent/softwarecombine
- agent/tags
- collector/security-tracker-debian
- source/Debian
- package-manager/redhat
- vendor/ibm
- canonical/ibm security verify bridge
- version/ibm security verify bridge/all
- vendor/apple
- canonical/apple macos
- canonical/apple mobile safari
- canonical/apple ios, ipados, and watchos
- vendor/openssl
- canonical/openssl libcrypto
- version/openssl libcrypto/1.0.2
- version/openssl libcrypto/1.1.1
- vendor/debian
- canonical/debian
- version/debian/10.0
- vendor/tenable
- canonical/tenable nessus network monitor
- version/tenable nessus network monitor/5.11.0
- version/tenable nessus network monitor/5.11.1
- version/tenable nessus network monitor/5.12.0
- version/tenable nessus network monitor/5.12.1
- version/tenable nessus network monitor/5.13.0
- canonical/tenable tenable.sc
- version/tenable tenable.sc/5.13.0
- version/tenable tenable.sc/5.17.0
- canonical/ios
- canonical/apple ios and macos
- version/apple ios and macos/11.1
- vendor/netapp
- canonical/netapp oncommand insight
- canonical/netapp oncommand workflow automation
- canonical/netapp snapcenter
- vendor/oracle
- canonical/oracle business intelligence enterprise edition
- version/oracle business intelligence enterprise edition/5.5.0.0.0
- version/oracle business intelligence enterprise edition/5.9.0.0.0
- version/oracle business intelligence enterprise edition/12.2.1.3.0
- version/oracle business intelligence enterprise edition/12.2.1.4.0
- canonical/oracle communications cloud native core policy
- version/oracle communications cloud native core policy/1.15.0
- canonical/oracle enterprise manager for storage management
- version/oracle enterprise manager for storage management/13.4.0.0
- canonical/oracle enterprise manager ops center
- version/oracle enterprise manager ops center/12.4.0.0
- canonical/oracle hyperion essbase
- version/oracle hyperion essbase/21.2
- canonical/oracle graalvm enterprise edition
- version/oracle graalvm enterprise edition/19.3.5
- version/oracle graalvm enterprise edition/20.3.1.2
- version/oracle graalvm enterprise edition/21.0.0.2
- canonical/oracle jd edwards world security
- version/oracle jd edwards world security/a9.4
- canonical/mysql enterprise monitor
- canonical/mysql
- version/mysql/8.0.15
- canonical/oracle peoplesoft enterprise peopletools
- version/oracle peoplesoft enterprise peopletools/8.57
- version/oracle peoplesoft enterprise peopletools/8.58
- version/oracle peoplesoft enterprise peopletools/8.59
- canonical/oracle sun zfs storage appliance kit
- version/oracle sun zfs storage appliance kit/8.8
- vendor/siemens
- canonical/siemens sinec ins
- version/siemens sinec ins/1.0
- version/siemens sinec ins/1.0-sp1
- package-manager/debian