ID

VAR-202201-1080


CVE

CVE-2021-4160


TITLE

OpenSSL Input validation error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202201-2650

DESCRIPTION

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 3.0.1 (Affected 3.0.0). Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). Fixed in OpenSSL 1.0.2zc-dev (Affected 1.0.2-1.0.2zb). - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202210-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: OpenSSL: Multiple Vulnerabilities Date: October 16, 2022 Bugs: #741570, #809980, #832339, #835343, #842489, #856592 ID: 202210-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been discovered in OpenSSL, the worst of which could result in denial of service. Background ========== OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/openssl < 1.1.1q >= 1.1.1q Description =========== Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. Impact ====== Please review the referenced CVE identifiers for details. Workaround ========== There is no known workaround at this time. Resolution ========== All OpenSSL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.1.1q" References ========== [ 1 ] CVE-2020-1968 https://nvd.nist.gov/vuln/detail/CVE-2020-1968 [ 2 ] CVE-2021-3711 https://nvd.nist.gov/vuln/detail/CVE-2021-3711 [ 3 ] CVE-2021-3712 https://nvd.nist.gov/vuln/detail/CVE-2021-3712 [ 4 ] CVE-2021-4160 https://nvd.nist.gov/vuln/detail/CVE-2021-4160 [ 5 ] CVE-2022-0778 https://nvd.nist.gov/vuln/detail/CVE-2022-0778 [ 6 ] CVE-2022-1292 https://nvd.nist.gov/vuln/detail/CVE-2022-1292 [ 7 ] CVE-2022-1473 https://nvd.nist.gov/vuln/detail/CVE-2022-1473 [ 8 ] CVE-2022-2097 https://nvd.nist.gov/vuln/detail/CVE-2022-2097 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202210-02 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5103-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso March 15, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl CVE ID : CVE-2021-4160 CVE-2022-0778 Debian Bug : 989604 Tavis Ormandy discovered that the BN_mod_sqrt() function of OpenSSL could be tricked into an infinite loop. This could result in denial of service via malformed certificates. For the oldstable distribution (buster), this problem has been fixed in version 1.1.1d-0+deb10u8. For the stable distribution (bullseye), this problem has been fixed in version 1.1.1k-1+deb11u2. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmIwxQtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0R2qw//c0GbzcbXlLfibf7Nki5CMJUdWqx1si8O2uQ1vKxgC07rCAx1Lrw0TtIl Tq1vYRtSbvy8P4Qn3E6/lbSYTnM7JbkriZ1HS3Mw4VFlOBA8lWMif4KotrcMAoYE IOQlhhTCkKZM8cL4YKDwN7XSy5LSdt/sw5rIi1ZpgVTEXQeKIDPa5WK6YyIGNG6k h83TPYZp+8e3Fuoubb8RY5CUfFomdMHRazHcrCkjY+yvFTFdKbUza9RjUs44xu2Z ZUTfIddR8D8mWfKOyvAVMw0A7/zjFW1IX0vC0RhHwjrulLgJbqWvcYQgEJy/wOKd tWjVwGya7+Fxn6GFL0rHZP/OFq9mDwxyBDfDg/hD+TSnbxtyHIxUH4QoWdPPgJxP ahln2TNfsnQsCopdn9dJ/XOrkC35R7Jp11kmX8MCTP6k8ob4mdQIACcRND/jcPgT tOBoUBCrha98Qvdh6UAGegTxqOBaNhG52fpNjEegq/q7kxlugdOtbY1nZXvuHHI5 C9Gd6e4JqpRlMDuT7rC8qchXJM8VnhWdVdz95gkeQCA21+AGJ+CEvTpSRPY6qCrM rUvS3HVrBFNLWNlsA68or3y8CfxjFbpXnSxflCmoBtmAp6z9TXm59Fu7N6Qqkpom yV0hQAqqeFa9u3NZKoNrj/FGWYXZ+zMt+jifRLokuB0IhFUOJ70= =SB84 -----END PGP SIGNATURE----- . If that applies then: OpenSSL 1.0.2 users should apply git commit 6fc1aaaf3 (premium support customers only) OpenSSL 1.1.1 users should upgrade to 1.1.1m OpenSSL 3.0.0 users should upgrade to 3.0.1 This issue was found on the 10th of December 2021 and subsequently fixed by Bernd Edlinger. Note ==== OpenSSL 1.0.2 is out of support and no longer receiving public updates. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv/20220128.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/policies/secpolicy.html

Trust: 1.26

sources: NVD: CVE-2021-4160 // VULMON: CVE-2021-4160 // PACKETSTORM: 168714 // PACKETSTORM: 169298 // PACKETSTORM: 169638

AFFECTED PRODUCTS

vendor:debianmodel:linuxscope:eqversion:11.0

Trust: 1.0

vendor:opensslmodel:opensslscope:lteversion:1.0.2zb

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:1.0.2

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.59

Trust: 1.0

vendor:opensslmodel:opensslscope:eqversion:3.0.0

Trust: 1.0

vendor:opensslmodel:opensslscope:gteversion:1.1.1

Trust: 1.0

vendor:oraclemodel:jd edwards world securityscope:eqversion:a9.4

Trust: 1.0

vendor:opensslmodel:opensslscope:ltversion:1.1.1m

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:oraclemodel:enterprise manager ops centerscope:eqversion:12.4.0.0

Trust: 1.0

vendor:oraclemodel:jd edwards enterpriseone toolsscope:eqversion:9.2.6.3

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:siemensmodel:sinec insscope:ltversion:1.0

Trust: 1.0

vendor:oraclemodel:health sciences inform publisherscope:eqversion:6.2.1.1

Trust: 1.0

vendor:oraclemodel:peoplesoft enterprise peopletoolsscope:eqversion:8.58

Trust: 1.0

vendor:siemensmodel:sinec insscope:eqversion:1.0

Trust: 1.0

vendor:oraclemodel:health sciences inform publisherscope:eqversion:6.3.1.1

Trust: 1.0

sources: NVD: CVE-2021-4160

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-4160
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202201-2650
value: MEDIUM

Trust: 0.6

VULMON: CVE-2021-4160
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-4160
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2021-4160
baseSeverity: MEDIUM
baseScore: 5.9
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.2
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2021-4160 // CNNVD: CNNVD-202201-2650 // NVD: CVE-2021-4160

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-4160

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-2650

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202201-2650

PATCH

title:OpenSSL Fixes for encryption problem vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=180884

Trust: 0.6

title:Debian Security Advisories: DSA-5103-1 openssl -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=4ecbdda56426ff105b6a2939daf5c4e7

Trust: 0.1

title:Red Hat: CVE-2021-4160url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-4160

Trust: 0.1

title:IBM: Security Bulletin: IBM Sterling Control Center vulnerable to multiple issues to due IBM Cognos Analystics (CVE-2022-4160, CVE-2021-3733)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=9d831a6a306a903e583b6a76777d1085

Trust: 0.1

title:IBM: Security Bulletin: Vulnerabilities in OpenSSL affect IBM Spectrum Protect Plus SQL, File Indexing, and Windows Host agentsurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=316fcbda8419e3988baf55ecd43960a6

Trust: 0.1

title:IBM: Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2022-34339, CVE-2021-3712, CVE-2021-3711, CVE-2021-4160, CVE-2021-29425, CVE-2021-3733, CVE-2021-3737, CVE-2022-0391, CVE-2021-43138, CVE-2022-24758)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=cbece86f0c3bef5a678f2bb3dbbb854b

Trust: 0.1

title: - url:https://github.com/actions-marketplace-validations/neuvector_scan-action

Trust: 0.1

title: - url:https://github.com/neuvector/scan-action

Trust: 0.1

title:nodejs-helloworldurl:https://github.com/andrewd-sysdig/nodejs-helloworld

Trust: 0.1

title: - url:https://github.com/tianocore-docs/ThirdPartySecurityAdvisories

Trust: 0.1

sources: VULMON: CVE-2021-4160 // CNNVD: CNNVD-202201-2650

EXTERNAL IDS

db:NVDid:CVE-2021-4160

Trust: 2.0

db:SIEMENSid:SSA-637483

Trust: 1.7

db:ICS CERTid:ICSA-22-258-05

Trust: 0.7

db:PACKETSTORMid:168714

Trust: 0.7

db:CS-HELPid:SB2022062021

Trust: 0.6

db:CS-HELPid:SB2022012811

Trust: 0.6

db:CS-HELPid:SB2022060710

Trust: 0.6

db:CS-HELPid:SB2022031611

Trust: 0.6

db:CS-HELPid:SB2022042517

Trust: 0.6

db:CS-HELPid:SB2022051735

Trust: 0.6

db:AUSCERTid:ESB-2022.2512

Trust: 0.6

db:AUSCERTid:ESB-2022.2191

Trust: 0.6

db:AUSCERTid:ESB-2022.4616

Trust: 0.6

db:AUSCERTid:ESB-2022.2417

Trust: 0.6

db:CNNVDid:CNNVD-202201-2650

Trust: 0.6

db:VULMONid:CVE-2021-4160

Trust: 0.1

db:PACKETSTORMid:169298

Trust: 0.1

db:PACKETSTORMid:169638

Trust: 0.1

sources: VULMON: CVE-2021-4160 // PACKETSTORM: 168714 // PACKETSTORM: 169298 // PACKETSTORM: 169638 // CNNVD: CNNVD-202201-2650 // NVD: CVE-2021-4160

REFERENCES

url:https://www.oracle.com/security-alerts/cpuapr2022.html

Trust: 2.3

url:https://www.openssl.org/news/secadv/20220128.txt

Trust: 1.8

url:https://www.debian.org/security/2022/dsa-5103

Trust: 1.8

url:https://security.gentoo.org/glsa/202210-02

Trust: 1.8

url:https://www.oracle.com/security-alerts/cpujul2022.html

Trust: 1.7

url:https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf

Trust: 1.7

url:https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=3bf7b73ea7123045b8f972badc67ed6878e6c37f

Trust: 1.0

url:https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=6fc1aaaf303185aa5e483e06bdfae16daa9193a7

Trust: 1.0

url:https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb

Trust: 1.0

url:https://security.netapp.com/advisory/ntap-20240621-0006/

Trust: 1.0

url:https://nvd.nist.gov/vuln/detail/cve-2021-4160

Trust: 0.9

url:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6fc1aaaf303185aa5e483e06bdfae16daa9193a7

Trust: 0.7

url:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3bf7b73ea7123045b8f972badc67ed6878e6c37f

Trust: 0.7

url:https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9e726506cd2a3fd9c0f12daf8cc1fe934c7dddb

Trust: 0.7

url:https://www.cybersecurity-help.cz/vdb/sb2022051735

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2417

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.4616

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-4160

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022060710

Trust: 0.6

url:https://vigilance.fr/vulnerability/openssl-weak-encryption-via-mips-bn-mod-exp-37400

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2191

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022012811

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022042517

Trust: 0.6

url:https://us-cert.cisa.gov/ics/advisories/icsa-22-258-05

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022031611

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022062021

Trust: 0.6

url:https://packetstormsecurity.com/files/168714/gentoo-linux-security-advisory-202210-02.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.2512

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-0778

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://github.com/actions-marketplace-validations/neuvector_scan-action

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-1968

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3711

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3712

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1473

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-2097

Trust: 0.1

url:https://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-1292

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://security-tracker.debian.org/tracker/openssl

Trust: 0.1

url:https://www.openssl.org/news/secadv/20220315.txt

Trust: 0.1

url:https://www.openssl.org/support/contracts.html

Trust: 0.1

url:https://www.openssl.org/policies/secpolicy.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-0701

Trust: 0.1

sources: VULMON: CVE-2021-4160 // PACKETSTORM: 168714 // PACKETSTORM: 169298 // PACKETSTORM: 169638 // CNNVD: CNNVD-202201-2650 // NVD: CVE-2021-4160

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-202201-2650

SOURCES

db:VULMONid:CVE-2021-4160
db:PACKETSTORMid:168714
db:PACKETSTORMid:169298
db:PACKETSTORMid:169638
db:CNNVDid:CNNVD-202201-2650
db:NVDid:CVE-2021-4160

LAST UPDATE DATE

2024-08-14T12:11:06.074000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2021-4160date:2022-11-09T00:00:00
db:CNNVDid:CNNVD-202201-2650date:2022-10-18T00:00:00
db:NVDid:CVE-2021-4160date:2024-06-21T19:15:21.320

SOURCES RELEASE DATE

db:VULMONid:CVE-2021-4160date:2022-01-28T00:00:00
db:PACKETSTORMid:168714date:2022-10-17T13:44:06
db:PACKETSTORMid:169298date:2022-03-28T19:12:00
db:PACKETSTORMid:169638date:2022-01-28T12:12:12
db:CNNVDid:CNNVD-202201-2650date:2022-01-28T00:00:00
db:NVDid:CVE-2021-4160date:2022-01-28T22:15:15.133