CVE-2021-23840

Integer overflow in CipherUpdate

CVSS 7.5 HIGH · EPSS 50.7% · CWE-190
In short

A bug in OpenSSL's encryption functions can cause an integer overflow when processing very large data, making the function report success while actually returning an invalid (negative) output length. This can cause applications to crash or behave unexpectedly.

Technical detail

Integer overflow in EVP_CipherUpdate, EVP_EncryptUpdate, and EVP_DecryptUpdate occurs when input length approaches the maximum integer value, causing the output length parameter to wrap to a negative value despite returning success (1). This affects OpenSSL 1.1.1i and earlier, as well as 1.0.2x and earlier, potentially leading to application crashes or incorrect cryptographic processing.

Summary generated and translated by AI from the official description.

Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
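A caller-side guard for the condition described above, added here as an example and not OpenSSL's own code or its fix: it caps the length handed to a single EVP_*Update call, chunks larger buffers, and rejects a success return whose output length wrapped. The one-block headroom and the block_size parameter are assumptions of this example, and it builds without OpenSSL headers.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* EVP_*Update() take the input length as an int and write the output
 * length through an int. The update path may emit up to one block more
 * than it consumed (a buffered partial block flushed with the new input),
 * so an inl close to INT_MAX wraps *outl negative while still returning 1.
 * block_size is the cipher block size in bytes (1 for stream ciphers);
 * one full block of headroom is assumed here as a conservative bound. */

/* Largest input length for one update call that leaves *outl room. */
int max_safe_update_len(int block_size) {
    if (block_size < 1) return -1;            /* invalid block size */
    return INT_MAX - block_size;
}

/* Pre-call guard: may this inl be passed to EVP_*Update safely? */
bool update_len_is_safe(size_t inl, int block_size) {
    int cap = max_safe_update_len(block_size);
    return cap >= 0 && inl <= (size_t)cap;
}

/* Length of the next chunk when feeding a large buffer in a loop. */
int next_chunk_len(size_t remaining, int block_size) {
    int cap = max_safe_update_len(block_size);
    if (cap < 0) return -1;
    return remaining > (size_t)cap ? cap : (int)remaining;
}

/* Post-call check: a return of 1 with a negative *outl, or an *outl
 * larger than the input plus one block, is the wrapped value the
 * advisory describes and must be treated as failure. */
bool update_result_is_sane(int ret, int outl, size_t inl, int block_size) {
    if (ret != 1 || outl < 0 || block_size < 1) return false;
    return (size_t)outl <= inl + (size_t)block_size;
}

int main(void) {
    const int bl = 16;                       /* AES block size */
    size_t big = (size_t)INT_MAX + 100;      /* constructed: too big for one call */
    size_t done = 0; int calls = 0;
    while (done < big) {                     /* chunk it instead of one huge call */
        int n = next_chunk_len(big - done, bl);
        done += (size_t)n;
        calls++;
    }
    printf("%zu bytes in %d update calls\n", big, calls);
    return 0;
}
```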
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
OpenSSL · OpenSSL
