OpenSSL 1.1.1k update fixes two dangerous vulnerabilities

OpenSSL 1.1.1k, a corrective release of the cryptographic library, is available and fixes two vulnerabilities rated High:

  • CVE-2021-3450 - CA certificate verification can be bypassed when the X509_V_FLAG_X509_STRICT flag is enabled. The flag is disabled by default and turns on additional checks of the certificates present in the chain. The problem was introduced with a new check added in OpenSSL 1.1.1h, which prohibits certificates in the chain that encode their elliptic curve parameters explicitly.

    Due to a bug in the code, the new check overwrote the result of the preceding check that the CA certificate is valid. As a result, certificates signed by a self-signed certificate that is not chained to a CA were treated as fully trustworthy. The vulnerability does not manifest when the "purpose" parameter is set, as it is by default in the libssl procedures that verify client and server certificates (used for TLS).

  • CVE-2021-3449 - A TLS server can be crashed by a client that sends a specially crafted ClientHello message. The problem is a NULL pointer dereference in the implementation of the signature_algorithms extension. It occurs only on servers that support TLSv1.2 and allow connection renegotiation (enabled by default).
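
The logic error described for CVE-2021-3450, a later check overwriting the verdict of an earlier one, shown as a simplified C model next to one way of correcting it. This is an added example, not OpenSSL source code; the struct, field and function names are hypothetical and the chain in main() is constructed.

```c
/* Simplified model of the flaw class behind CVE-2021-3450.
 * NOT OpenSSL code: every name below is hypothetical. */
#include <stdio.h>

struct cert {
    int valid_ca;        /* outcome of the earlier CA-certificate check */
    int explicit_curve;  /* EC parameters encoded explicitly? */
};

/* Strict-mode check: 1 = acceptable, 0 = explicit curve parameters. */
static int check_curve(const struct cert *c) { return !c->explicit_curve; }

/* Flawed: in strict mode the curve check's result replaces `ok`,
 * discarding a failure already recorded by the CA check. */
int check_issuers_flawed(const struct cert *chain, int n, int strict)
{
    for (int i = 1; i < n; i++) {          /* chain[0] is the leaf */
        int ok = chain[i].valid_ca;
        if (strict)
            ok = check_curve(&chain[i]);   /* overwrites the CA verdict */
        if (!ok)
            return 0;
    }
    return 1;
}

/* Corrected: the extra check can only turn success into failure. */
int check_issuers_fixed(const struct cert *chain, int n, int strict)
{
    for (int i = 1; i < n; i++) {
        int ok = chain[i].valid_ca;
        if (ok && strict)
            ok = check_curve(&chain[i]);
        if (!ok)
            return 0;
    }
    return 1;
}

int main(void)
{
    /* Constructed chain: the leaf's issuer fails the CA check. */
    struct cert chain[] = { {0, 0}, {0, 0} };
    printf("flawed, strict off: %d\n", check_issuers_flawed(chain, 2, 0));
    printf("flawed, strict on:  %d\n", check_issuers_flawed(chain, 2, 1));
    printf("fixed,  strict on:  %d\n", check_issuers_fixed(chain, 2, 1));
    return 0;
}
```

The flawed variant rejects the chain with strict mode off and accepts it with strict mode on, which is why enabling the stricter flag was what exposed the bypass.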

Source: opennet.ru
