Lucene search

K
ubuntuUbuntuUSN-5051-1
HistoryAug 24, 2021 - 12:00 a.m.

OpenSSL vulnerabilities

2021-08-2400:00:00
ubuntu.com
115

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.068 Low

EPSS

Percentile

93.9%

Releases

  • Ubuntu 21.04
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 ESM

Packages

  • openssl - Secure Socket Layer (SSL) cryptographic library and tools

Details

John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2
data. A remote attacker could use this issue to cause applications using
OpenSSL to crash, resulting in a denial of service, or possibly change
application behaviour. (CVE-2021-3711)

Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1
strings. A remote attacker could use this issue to cause OpenSSL to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2021-3712)

OSVersionArchitecturePackageVersionFilename
Ubuntu21.04noarchlibssl1.1< 1.1.1j-1ubuntu3.5UNKNOWN
Ubuntu21.04noarchlibssl-dev< 1.1.1j-1ubuntu3.5UNKNOWN
Ubuntu21.04noarchlibssl-doc< 1.1.1j-1ubuntu3.5UNKNOWN
Ubuntu21.04noarchlibssl1.1-dbgsym< 1.1.1j-1ubuntu3.5UNKNOWN
Ubuntu21.04noarchopenssl< 1.1.1j-1ubuntu3.5UNKNOWN
Ubuntu21.04noarchopenssl-dbgsym< 1.1.1j-1ubuntu3.5UNKNOWN
Ubuntu20.04noarchlibssl1.1< 1.1.1f-1ubuntu2.8UNKNOWN
Ubuntu20.04noarchlibcrypto1.1-udeb< 1.1.1f-1ubuntu2.8UNKNOWN
Ubuntu20.04noarchlibssl-dev< 1.1.1f-1ubuntu2.8UNKNOWN
Ubuntu20.04noarchlibssl-doc< 1.1.1f-1ubuntu2.8UNKNOWN
Rows per page:
1-10 of 221

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.068 Low

EPSS

Percentile

93.9%