CVE-2021-23840
Integer overflow in CipherUpdate
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
Las llamadas a EVP_CipherUpdate, EVP_EncryptUpdate y EVP_DecryptUpdate, pueden desbordar el argumento de la longitud de salida en algunos casos en los que la longitud de entrada está cerca de la longitud máxima permitida para un entero en la plataforma. En tales casos, el valor de retorno de la llamada a la función será 1 (indicando success), pero el valor de la longitud de salida será negativo. Esto podría causar que las aplicaciones se comporten de forma incorrecta o se bloqueen. Las versiones de OpenSSL 1.1.1i e inferiores están afectadas por este problema. Los usuarios de estas versiones deberían actualizar a OpenSSL versión 1.1.1j. Las versiones de OpenSSL 1.0.2x e inferiores están afectadas por este problema. Sin embargo, OpenSSL versión 1.0.2 está fuera de soporte y ya no recibe actualizaciones públicas. Los clientes con soporte Premium de OpenSSL versión 1.0.2 deben actualizar a la versión 1.0.2y. Los demás usuarios deben actualizar a la versión 1.1.1j. Corregido en OpenSSL versión 1.1.1j (Afectó versiones 1.1.1-1.1.1i). Corregido en OpenSSL versión 1.0.2y (Afectó versiones 1.0.2-1.0.2x)
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.
*Credits:
Paul Kehrer
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-12 CVE Reserved
- 2021-02-16 CVE Published
- 2024-03-21 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (22)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.oracle.com//security-alerts/cpujul2021.html | 2024-06-21 | |
| https://www.oracle.com/security-alerts/cpuApr2021.html | 2024-06-21 | |
| https://www.oracle.com/security-alerts/cpuapr2022.html | 2024-06-21 | |
| https://www.oracle.com/security-alerts/cpujan2022.html | 2024-06-21 | |
| https://www.oracle.com/security-alerts/cpuoct2021.html | 2024-06-21 |
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/202103-03 | 2024-06-21 | |
| https://www.debian.org/security/2021/dsa-4855 | 2024-06-21 | |
| https://www.openssl.org/news/secadv/20210216.txt | 2024-06-21 | |
| https://access.redhat.com/security/cve/CVE-2021-23840 | 2021-11-30 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1930324 | 2021-11-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Fujitsu Search vendor "Fujitsu" | M10-1 Firmware Search vendor "Fujitsu" for product "M10-1 Firmware" | < xcp2410 Search vendor "Fujitsu" for product "M10-1 Firmware" and version " < xcp2410" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M10-1 Search vendor "Fujitsu" for product "M10-1" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M10-4 Firmware Search vendor "Fujitsu" for product "M10-4 Firmware" | < xcp2410 Search vendor "Fujitsu" for product "M10-4 Firmware" and version " < xcp2410" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M10-4 Search vendor "Fujitsu" for product "M10-4" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M10-4s Firmware Search vendor "Fujitsu" for product "M10-4s Firmware" | < xcp2410 Search vendor "Fujitsu" for product "M10-4s Firmware" and version " < xcp2410" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M10-4s Search vendor "Fujitsu" for product "M10-4s" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M12-1 Firmware Search vendor "Fujitsu" for product "M12-1 Firmware" | < xcp2410 Search vendor "Fujitsu" for product "M12-1 Firmware" and version " < xcp2410" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M12-1 Search vendor "Fujitsu" for product "M12-1" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M12-2 Firmware Search vendor "Fujitsu" for product "M12-2 Firmware" | < xcp2410 Search vendor "Fujitsu" for product "M12-2 Firmware" and version " < xcp2410" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M12-2 Search vendor "Fujitsu" for product "M12-2" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M12-2s Firmware Search vendor "Fujitsu" for product "M12-2s Firmware" | < xcp2410 Search vendor "Fujitsu" for product "M12-2s Firmware" and version " < xcp2410" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M12-2s Search vendor "Fujitsu" for product "M12-2s" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M10-1 Firmware Search vendor "Fujitsu" for product "M10-1 Firmware" | < xcp3110 Search vendor "Fujitsu" for product "M10-1 Firmware" and version " < xcp3110" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M10-1 Search vendor "Fujitsu" for product "M10-1" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M10-4 Firmware Search vendor "Fujitsu" for product "M10-4 Firmware" | < xcp3110 Search vendor "Fujitsu" for product "M10-4 Firmware" and version " < xcp3110" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M10-4 Search vendor "Fujitsu" for product "M10-4" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M10-4s Firmware Search vendor "Fujitsu" for product "M10-4s Firmware" | < xcp3110 Search vendor "Fujitsu" for product "M10-4s Firmware" and version " < xcp3110" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M10-4s Search vendor "Fujitsu" for product "M10-4s" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M12-1 Firmware Search vendor "Fujitsu" for product "M12-1 Firmware" | < xcp3110 Search vendor "Fujitsu" for product "M12-1 Firmware" and version " < xcp3110" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M12-1 Search vendor "Fujitsu" for product "M12-1" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M12-2 Firmware Search vendor "Fujitsu" for product "M12-2 Firmware" | < xcp3110 Search vendor "Fujitsu" for product "M12-2 Firmware" and version " < xcp3110" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M12-2 Search vendor "Fujitsu" for product "M12-2" | - | - |
Safe
|
| Fujitsu Search vendor "Fujitsu" | M12-2s Firmware Search vendor "Fujitsu" for product "M12-2s Firmware" | < xcp3110 Search vendor "Fujitsu" for product "M12-2s Firmware" and version " < xcp3110" | - |
Affected
| in | Fujitsu Search vendor "Fujitsu" | M12-2s Search vendor "Fujitsu" for product "M12-2s" | - | - |
Safe
|
| Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | >= 1.0.2 < 1.0.2y Search vendor "Openssl" for product "Openssl" and version " >= 1.0.2 < 1.0.2y" | - |
Affected
| ||||||
| Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | >= 1.1.1 < 1.1.1j Search vendor "Openssl" for product "Openssl" and version " >= 1.1.1 < 1.1.1j" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
| Tenable Search vendor "Tenable" | Log Correlation Engine Search vendor "Tenable" for product "Log Correlation Engine" | < 6.0.8 Search vendor "Tenable" for product "Log Correlation Engine" and version " < 6.0.8" | - |
Affected
| ||||||
| Tenable Search vendor "Tenable" | Nessus Network Monitor Search vendor "Tenable" for product "Nessus Network Monitor" | 5.11.0 Search vendor "Tenable" for product "Nessus Network Monitor" and version "5.11.0" | - |
Affected
| ||||||
| Tenable Search vendor "Tenable" | Nessus Network Monitor Search vendor "Tenable" for product "Nessus Network Monitor" | 5.11.1 Search vendor "Tenable" for product "Nessus Network Monitor" and version "5.11.1" | - |
Affected
| ||||||
| Tenable Search vendor "Tenable" | Nessus Network Monitor Search vendor "Tenable" for product "Nessus Network Monitor" | 5.12.0 Search vendor "Tenable" for product "Nessus Network Monitor" and version "5.12.0" | - |
Affected
| ||||||
| Tenable Search vendor "Tenable" | Nessus Network Monitor Search vendor "Tenable" for product "Nessus Network Monitor" | 5.12.1 Search vendor "Tenable" for product "Nessus Network Monitor" and version "5.12.1" | - |
Affected
| ||||||
| Tenable Search vendor "Tenable" | Nessus Network Monitor Search vendor "Tenable" for product "Nessus Network Monitor" | 5.13.0 Search vendor "Tenable" for product "Nessus Network Monitor" and version "5.13.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Business Intelligence Search vendor "Oracle" for product "Business Intelligence" | 5.5.0.0.0 Search vendor "Oracle" for product "Business Intelligence" and version "5.5.0.0.0" | enterprise |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Business Intelligence Search vendor "Oracle" for product "Business Intelligence" | 5.9.0.0.0 Search vendor "Oracle" for product "Business Intelligence" and version "5.9.0.0.0" | enterprise |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Business Intelligence Search vendor "Oracle" for product "Business Intelligence" | 12.2.1.3.0 Search vendor "Oracle" for product "Business Intelligence" and version "12.2.1.3.0" | enterprise |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Business Intelligence Search vendor "Oracle" for product "Business Intelligence" | 12.2.1.4.0 Search vendor "Oracle" for product "Business Intelligence" and version "12.2.1.4.0" | enterprise |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Communications Cloud Native Core Policy Search vendor "Oracle" for product "Communications Cloud Native Core Policy" | 1.15.0 Search vendor "Oracle" for product "Communications Cloud Native Core Policy" and version "1.15.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Enterprise Manager For Storage Management Search vendor "Oracle" for product "Enterprise Manager For Storage Management" | 13.4.0.0 Search vendor "Oracle" for product "Enterprise Manager For Storage Management" and version "13.4.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Enterprise Manager Ops Center Search vendor "Oracle" for product "Enterprise Manager Ops Center" | 12.4.0.0 Search vendor "Oracle" for product "Enterprise Manager Ops Center" and version "12.4.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Graalvm Search vendor "Oracle" for product "Graalvm" | 19.3.5 Search vendor "Oracle" for product "Graalvm" and version "19.3.5" | enterprise |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Graalvm Search vendor "Oracle" for product "Graalvm" | 20.3.1.2 Search vendor "Oracle" for product "Graalvm" and version "20.3.1.2" | enterprise |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Graalvm Search vendor "Oracle" for product "Graalvm" | 21.0.0.2 Search vendor "Oracle" for product "Graalvm" and version "21.0.0.2" | enterprise |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Jd Edwards Enterpriseone Tools Search vendor "Oracle" for product "Jd Edwards Enterpriseone Tools" | < 9.2.6.0 Search vendor "Oracle" for product "Jd Edwards Enterpriseone Tools" and version " < 9.2.6.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Jd Edwards World Security Search vendor "Oracle" for product "Jd Edwards World Security" | a9.4 Search vendor "Oracle" for product "Jd Edwards World Security" and version "a9.4" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Server Search vendor "Oracle" for product "Mysql Server" | < 5.7.33 Search vendor "Oracle" for product "Mysql Server" and version " < 5.7.33" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Server Search vendor "Oracle" for product "Mysql Server" | >= 8.0.15 < 8.0.23 Search vendor "Oracle" for product "Mysql Server" and version " >= 8.0.15 < 8.0.23" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Nosql Database Search vendor "Oracle" for product "Nosql Database" | < 20.3 Search vendor "Oracle" for product "Nosql Database" and version " < 20.3" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | < 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version " < 5.10.0" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_1 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_10 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_2 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_3 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_4 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_5 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_6 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_7 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_8 |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Epolicy Orchestrator Search vendor "Mcafee" for product "Epolicy Orchestrator" | 5.10.0 Search vendor "Mcafee" for product "Epolicy Orchestrator" and version "5.10.0" | update_9 |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 10.0.0 <= 10.12.0 Search vendor "Nodejs" for product "Node.js" and version " >= 10.0.0 <= 10.12.0" | - |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 10.13.0 < 10.24.0 Search vendor "Nodejs" for product "Node.js" and version " >= 10.13.0 < 10.24.0" | lts |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 12.0.0 <= 12.12.0 Search vendor "Nodejs" for product "Node.js" and version " >= 12.0.0 <= 12.12.0" | - |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 12.13.0 < 12.21.0 Search vendor "Nodejs" for product "Node.js" and version " >= 12.13.0 < 12.21.0" | lts |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 14.0.0 <= 14.14.0 Search vendor "Nodejs" for product "Node.js" and version " >= 14.0.0 <= 14.14.0" | - |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 15.0.0 < 15.10.0 Search vendor "Nodejs" for product "Node.js" and version " >= 15.0.0 < 15.10.0" | - |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | 14.15.0 Search vendor "Nodejs" for product "Node.js" and version "14.15.0" | lts |
Affected
| ||||||