Serious vulnerability in OpenSSL, could be used to alter application data

The OpenSSL Project this week officially released OpenSSL 1.1.1l, which patches a high severity vulnerability that could allow an attacker to alter the behaviour of an application or cause it to crash.

The vulnerability has a CVE ID of CVE-2021-3711 and is described as a buffer overflow vulnerability related to SM2 decryption.

To decrypt SM2 encrypted data, an application will typically call the API function EVP_PKEY_decrypt(). Typically, an application will call this function twice. The first time, on entry, the “out” parameter can be NULL, and on exit, the “outlen” parameter fills the buffer size needed to hold the decrypted plaintext. The application can then allocate a large enough buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the “out” parameter.

This vulnerability in the SM2 decryption code implementation means that the first call to EVP_PKEY_decrypt() and the calculated buffer size required to hold the plaintext may be smaller than the actual size required for the second call. Thus when the application calls E VP_PKEY_decrypt() a second time, it could lead to a buffer overflow.

A malicious attacker who is able to provide SM2 content to an application for decryption can cause the data of the attacker’s choice to overflow the buffer by up to 62 bytes, thereby altering the contents of the rest of the data behind the buffer. This can further alter the behaviour of the application or cause it to crash.

Applications can have any kind of data (e.g. financial data, credentials, etc.) in memory and if an attacker could change it, the consequences would be unthinkable," explained Matt Caswell of the OpenSSL Project. According to security researcher John Ouyang, the vulnerability affects OpenSSL prior to version 1.1.1.

In addition to the high severity vulnerability mentioned above, OpenSSL has also reported a moderate vulnerability with CVE ID CVE-2021-3712, which can be exploited for Denial of Service (DoS) attacks. This issue has also been fixed with the 1.1.1l release.

To date, five vulnerabilities related to OpenSSL have been identified today, two of which are rated as high severity. This compares to only three vulnerabilities found in OpenSSL in the whole of 2020.