In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able to present SM2 content for decryption to an application could cause attacker-chosen data to overflow the buffer by up to a maximum of 62 bytes, altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).
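A triage check for the version range in the description above, as an added example that is not part of the original advisory or of OpenSSL's own code: it classifies `openssl version` style strings against "affected 1.1.1-1.1.1k, fixed in 1.1.1l". The host names, inventory lines and status labels are constructed for illustration.

```python
import re
import ssl

# Upstream range from the description: 1.1.1 through 1.1.1k affected, 1.1.1l fixed.
LAST_AFFECTED = (1, "k")  # (number of suffix letters, letters)

# x.y.z + optional letter suffix + optional packaging suffix such as "-1+deb11u1".
_VERSION = re.compile(r"(\d+)\.(\d+)\.(\d+)([a-z]{0,2})(?![a-z])(-[\w.+~]+)?")


def classify(version_text):
    """Return 'affected', 'fixed', 'check-vendor', 'outside-stated-range' or 'unknown'."""
    m = _VERSION.search(version_text)
    if m is None:
        return "unknown"
    release = tuple(int(g) for g in m.group(1, 2, 3))
    if release != (1, 1, 1):
        return "outside-stated-range"  # the description only covers the 1.1.1 series
    if m.group(5):
        # Distribution packages can carry backported fixes without a new
        # upstream letter, so the letter alone does not settle the question.
        return "check-vendor"
    letters = m.group(4)
    return "affected" if (len(letters), letters) <= LAST_AFFECTED else "fixed"


def triage(inventory_lines):
    """Map host -> status for 'host<TAB>version string' lines."""
    result = {}
    for line in inventory_lines:
        host, _, version = line.partition("\t")
        result[host] = classify(version)
    return result


# Constructed sample inventory (hypothetical hosts, `openssl version` style strings).
SAMPLE = [
    "app01\tOpenSSL 1.1.1k  25 Mar 2021",
    "app02\tOpenSSL 1.1.1l  24 Aug 2021",
    "app03\tOpenSSL 1.1.1  11 Sep 2018",
    "deb01\t1.1.1k-1+deb11u1",
    "new01\tOpenSSL 3.0.2 15 Mar 2022",
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(host, status)
    print("this interpreter:", ssl.OPENSSL_VERSION, classify(ssl.OPENSSL_VERSION))
```

An "affected" result only says the library is in the vulnerable range; per the description, the overflow is reachable only where the application decrypts SM2 content supplied by an untrusted party.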
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

| Metric | Value |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |

AV:N/AC:L/Au:N/C:P/I:P/A:P

| Metric | Value |
|---|---|
| Access Vector | NETWORK |
| Access Complexity | LOW |
| Authentication | NONE |
| Confidentiality Impact | PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |

| Source | Type | Description |
|---|---|---|
| [email protected] | Primary | en: CWE-120 |

| Vendor | Product | Version | Type |
|---|---|---|---|
| openssl | openssl | * | Application |
| debian | debian_linux | 10.0 | Operating System |
| debian | debian_linux | 11.0 | Operating System |
| netapp | active_iq_unified_manager | - | Application |
| netapp | active_iq_unified_manager | - | Application |
| netapp | clustered_data_ontap | - | Application |
| netapp | clustered_data_ontap_antivirus_connector | - | Application |
| netapp | e-series_santricity_os_controller | * | Application |
| netapp | hci_management_node | - | Application |
| netapp | manageability_software_development_kit | - | Application |
| netapp | oncommand_insight | - | Application |
| netapp | oncommand_workflow_automation | - | Application |
| netapp | santricity_smi-s_provider | - | Application |
| netapp | snapcenter | - | Application |
| netapp | solidfire | - | Application |
| netapp | storage_encryption | - | Application |
| oracle | communications_cloud_native_core_security_edge_protection_proxy | 1.7.0 | Application |
| oracle | communications_cloud_native_core_unified_data_repository | 1.15.0 | Application |
| oracle | communications_session_border_controller | 8.4 | Application |
| oracle | communications_session_border_controller | 9.0 | Application |
| oracle | communications_unified_session_manager | 8.2.5 | Application |
| oracle | communications_unified_session_manager | 8.4.5 | Application |
| oracle | enterprise_communications_broker | 3.2.0 | Application |
| oracle | enterprise_communications_broker | 3.3.0 | Application |
| oracle | enterprise_session_border_controller | 8.4 | Application |
| oracle | enterprise_session_border_controller | 9.0 | Application |
| oracle | essbase | * | Application |
| oracle | essbase | * | Application |
| oracle | health_sciences_inform_publisher | 6.2.1.1 | Application |
| oracle | health_sciences_inform_publisher | 6.3.1.1 | Application |
| oracle | jd_edwards_enterpriseone_tools | * | Application |
| oracle | jd_edwards_world_security | a9.4 | Application |
| oracle | mysql_connectors | * | Application |
| oracle | mysql_enterprise_monitor | * | Application |
| oracle | mysql_server | * | Application |
| oracle | mysql_server | * | Application |
| oracle | peoplesoft_enterprise_peopletools | 8.57 | Application |
| oracle | peoplesoft_enterprise_peopletools | 8.58 | Application |
| oracle | peoplesoft_enterprise_peopletools | 8.59 | Application |
| oracle | zfs_storage_appliance_kit | 8.8 | Application |
| tenable | nessus_network_monitor | * | Application |
| tenable | tenable.sc | * | Application |

| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* |
| Yes | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* |
| Yes | cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:netapp:storage_encryption:-:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:health_sciences_inform_publisher:6.2.1.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:health_sciences_inform_publisher:6.3.1.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:* |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:tenable:nessus_network_monitor:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* |