CVE-2021-3711: SM2 Decryption Buffer Overflow
First published: Thu Aug 19 2021(Updated: )
A flaw was found in openssl. A miscalculation of a buffer size was found in openssl's SM2 decryption function, allowing up to 62 arbitrary bytes to be written outside of the buffer. A remote attacker could use this flaw to crash an application supporting SM2 signature or encryption algorithm, or, possibly, execute arbitrary code with the permissions of the user running that application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Credit: openssl-security@openssl.org openssl-security@openssl.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/openssl | <1.1.1 | 1.1.1 |
| rust/openssl-src | <111.16.0 | 111.16.0 |
| debian/openssl | 1.1.1w-0+deb11u1 1.1.1w-0+deb11u2 3.0.15-1~deb12u1 3.0.14-1~deb12u2 3.4.1-1 | |
| IBM Cognos Analytics | <=IBM Cognos Analytics 11.2.x | |
| IBM Cognos Analytics | <=IBM Cognos Analytics 11.1.x | |
| OpenSSL | >=1.1.1<1.1.1l | |
| Debian | =10.0 | |
| Debian | =11.0 | |
| NetApp Active IQ Unified Manager for VMware vSphere | ||
| NetApp Active IQ Unified Manager | ||
| IBM Data ONTAP | ||
| NetApp ONTAP Antivirus Connector | ||
| NetApp E-Series SANtricity OS Controller | >=11.0<=11.50.2 | |
| NetApp HCI Management Node | ||
| NetApp Manageability SDK | ||
| NetApp OnCommand Insight | ||
| NetApp OnCommand Workflow Automation | ||
| NetApp SANtricity SMI-S Provider Firmware | ||
| NetApp SnapCenter | ||
| NetApp SolidFire & HCI Storage Node | ||
| NetApp Storage Encryption | ||
| Oracle Communications Cloud Native Core Network Repository Function | =1.7.0 | |
| Oracle Communications Cloud Native Core Unified Data Repository | =1.15.0 | |
| Oracle Communications Session Border Controller | =8.4 | |
| Oracle Communications Session Border Controller | =9.0 | |
| Oracle Communications Unified Session Manager | =8.2.5 | |
| Oracle Communications Unified Session Manager | =8.4.5 | |
| Oracle Enterprise Communications Broker | =3.2.0 | |
| Oracle Enterprise Communications Broker | =3.3.0 | |
| Oracle Enterprise Session Border Controller | =8.4 | |
| Oracle Enterprise Session Border Controller | =9.0 | |
| Oracle Hyperion Essbase | <11.1.2.4.47 | |
| Oracle Hyperion Essbase | >=21.1<21.3 | |
| Oracle Health Sciences InForm | =6.2.1.1 | |
| Oracle Health Sciences InForm | =6.3.1.1 | |
| Oracle JD Edwards EnterpriseOne Tools | <9.2.6.3 | |
| Oracle JD Edwards World Security | =a9.4 | |
| Oracle MySQL Connectors | <=8.0.27 | |
| MySQL Enterprise Monitor | <=8.0.25 | |
| Oracle MySQL | >=5.7.0<=5.7.35 | |
| Oracle MySQL | >=8.0.0<=8.0.26 | |
| Oracle Peoplesoft Enterprise Campus Software Campus Community | =8.57 | |
| Oracle Peoplesoft Enterprise Campus Software Campus Community | =8.58 | |
| Oracle Peoplesoft Enterprise Campus Software Campus Community | =8.59 | |
| Oracle Storage Cloud Software Appliance | =8.8 | |
| Tenable Nessus | <=5.13.1 | |
| Tenable.sc | >=5.16.0<=5.19.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2021-3711 https://nvd.nist.gov/vuln/detail/CVE-2021-3711 https://www.openssl.org/news/secadv/20210824.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=1995623
- https://access.redhat.com/security/cve/cve-2021-3711
- https://www.openssl.org/news/secadv/20210824.txt
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=733fa41c3fc4bcac37f94aa917f7242420f8a5a6
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=515ac8b5e544dd713a2b4cabfc54b722d122c218
- https://security-tracker.debian.org/tracker/CVE-2021-3711
- https://github.com/openssl/openssl/commit/59f5e75f3bced8fc0e130d72a3f582cf7b480b46
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1997212
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1997210
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1997211
- https://access.redhat.com/errata/RHSA-2021:4618
- http://www.openwall.com/lists/oss-security/2021/08/26/2
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
- https://security.gentoo.org/glsa/202209-02
- https://security.gentoo.org/glsa/202210-02
- https://security.netapp.com/advisory/ntap-20210827-0010/
- https://security.netapp.com/advisory/ntap-20211022-0003/
- https://www.debian.org/security/2021/dsa-4963
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.tenable.com/security/tns-2021-16
- https://www.tenable.com/security/tns-2022-02
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=59f5e75f3bced8fc0e130d72a3f582cf7b480b46
- https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://nvd.nist.gov/vuln/detail/CVE-2021-3711
- https://rustsec.org/advisories/RUSTSEC-2021-0097.html
- https://security.netapp.com/advisory/ntap-20240621-0006
- https://security.netapp.com/advisory/ntap-20211022-0003
- https://security.netapp.com/advisory/ntap-20210827-0010
- https://github.com/advisories/GHSA-5ww6-px42-wc85 (Advisory)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/208072
- https://www.ibm.com/support/pages/node/6828527 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3711
- https://launchpad.net/bugs/cve/CVE-2021-3711
- https://ubuntu.com/security/CVE-2021-3711
Frequently Asked Questions
What is the vulnerability ID for this OpenSSL vulnerability?
The vulnerability ID for this OpenSSL vulnerability is CVE-2021-3711.
What is the severity level of CVE-2021-3711?
CVE-2021-3711 has a severity level of critical.
Which software versions are affected by CVE-2021-3711?
CVE-2021-3711 affects OpenSSL versions 1.1.1 and earlier, IBM Cognos Analytics 11.2.x, IBM Cognos Analytics 11.1.x, and various other software products.
How can I fix this vulnerability?
To fix CVE-2021-3711, upgrade to OpenSSL version 1.1.1n or later.
Where can I find more information about CVE-2021-3711?
More information about CVE-2021-3711 can be found in the references: [link1](https://github.com/openssl/openssl/commit/59f5e75f3bced8fc0e130d72a3f582cf7b480b46), [link2](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1997212), [link3](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1997210).
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- agent/remedy
- agent/weakness
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-3711
- agent/software-canonical-lookup
- agent/title
- agent/author
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-5ww6-px42-wc85
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- collector/launchpad-cve
- source/Launchpad
- agent/last-modified-date
- agent/trending
- agent/source
- agent/event
- collector/security-tracker-debian
- source/Debian
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- collector/nvd-cve
- collector/nvd-index
- package-manager/redhat
- package-manager/rust
- package-manager/debian
- vendor/ibm
- canonical/ibm cognos analytics
- version/ibm cognos analytics/ibm cognos analytics 11.2.x
- version/ibm cognos analytics/ibm cognos analytics 11.1.x
- vendor/openssl
- canonical/openssl
- version/openssl/1.1.1
- vendor/debian
- canonical/debian
- version/debian/10.0
- version/debian/11.0
- vendor/netapp
- canonical/netapp active iq unified manager for vmware vsphere
- canonical/netapp active iq unified manager
- canonical/ibm data ontap
- canonical/netapp ontap antivirus connector
- canonical/netapp e-series santricity os controller
- version/netapp e-series santricity os controller/11.0
- version/netapp e-series santricity os controller/11.50.2
- canonical/netapp hci management node
- canonical/netapp manageability sdk
- canonical/netapp oncommand insight
- canonical/netapp oncommand workflow automation
- canonical/netapp santricity smi-s provider firmware
- canonical/netapp snapcenter
- canonical/netapp solidfire & hci storage node
- canonical/netapp storage encryption
- vendor/oracle
- canonical/oracle communications cloud native core network repository function
- version/oracle communications cloud native core network repository function/1.7.0
- canonical/oracle communications cloud native core unified data repository
- version/oracle communications cloud native core unified data repository/1.15.0
- canonical/oracle communications session border controller
- version/oracle communications session border controller/8.4
- version/oracle communications session border controller/9.0
- canonical/oracle communications unified session manager
- version/oracle communications unified session manager/8.2.5
- version/oracle communications unified session manager/8.4.5
- canonical/oracle enterprise communications broker
- version/oracle enterprise communications broker/3.2.0
- version/oracle enterprise communications broker/3.3.0
- canonical/oracle enterprise session border controller
- version/oracle enterprise session border controller/8.4
- version/oracle enterprise session border controller/9.0
- canonical/oracle hyperion essbase
- version/oracle hyperion essbase/21.1
- canonical/oracle health sciences inform
- version/oracle health sciences inform/6.2.1.1
- version/oracle health sciences inform/6.3.1.1
- canonical/oracle jd edwards enterpriseone tools
- canonical/oracle jd edwards world security
- version/oracle jd edwards world security/a9.4
- canonical/oracle mysql connectors
- version/oracle mysql connectors/8.0.27
- canonical/mysql enterprise monitor
- version/mysql enterprise monitor/8.0.25
- canonical/oracle mysql
- version/oracle mysql/5.7.0
- version/oracle mysql/5.7.35
- version/oracle mysql/8.0.0
- version/oracle mysql/8.0.26
- canonical/oracle peoplesoft enterprise campus software campus community
- version/oracle peoplesoft enterprise campus software campus community/8.57
- version/oracle peoplesoft enterprise campus software campus community/8.58
- version/oracle peoplesoft enterprise campus software campus community/8.59
- canonical/oracle storage cloud software appliance
- version/oracle storage cloud software appliance/8.8
- vendor/tenable
- canonical/tenable nessus
- version/tenable nessus/5.13.1
- canonical/tenable.sc
- version/tenable.sc/5.16.0
- version/tenable.sc/5.19.1