John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications using OpenSSL to crash, resulting in a denial of service, or possibly change application behaviour. (CVE-2021-3711)
Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly obtain sensitive information. (CVE-2021-3712)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "libcrypto1.1-udeb" }, { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "libssl-dev" }, { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "libssl-doc" }, { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "libssl1.1" }, { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "libssl1.1-dbgsym" }, { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "libssl1.1-udeb" }, { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "openssl" }, { "binary_version": "1.1.1-1ubuntu2.1~18.04.13", "binary_name": "openssl-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "libcrypto1.1-udeb" }, { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "libssl-dev" }, { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "libssl-doc" }, { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "libssl1.1" }, { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "libssl1.1-dbgsym" }, { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "libssl1.1-udeb" }, { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "openssl" }, { "binary_version": "1.1.1f-1ubuntu2.8", "binary_name": "openssl-dbgsym" } ] }