As per upstream: An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue.
Acknowledgments: Name: the OpenSSL project Upstream: Nokia
Statement: This flaw only affects OpenSSL 1.1.1, older versions are not affected.
External References: https://www.openssl.org/news/secadv/20210325.txt
Created openssl tracking bugs for this issue: Affects: fedora-all [bug 1943178] Created openssl11 tracking bugs for this issue: Affects: epel-7 [bug 1943179]
Upstream commit: https://github.com/openssl/openssl/commit/fb9fa6b51defd48157eeb207f52181f735d96148
stand-alone reproducer: https://github.com/tlsfuzzer/tlsfuzzer/pull/748
Mitigation: This flaw can be mitigated by disabling TLS renegotiation on servers compiled with OpenSSL. It is enabled by default, but can be disabled for servers which do not require it and can be used to mitigate this flaw. Versions of httpd package shipped with Red Hat Enterprise Linux 8 have TLS renegotiation disabled by default.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:1024 https://access.redhat.com/errata/RHSA-2021:1024
Is this the wrong place to ask when CentOS Stream 8 is going to ship an openssl security update? It has not been updated since December, and is lacking the high severity 1.1.1k fixes (and others of intermediate and low severity).
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-3449
(In reply to Scott Brown from comment #25) > Is this the wrong place to ask when CentOS Stream 8 is going to ship an > openssl security update? It has not been updated since December, and is > lacking the high severity 1.1.1k fixes (and others of intermediate and low > severity). Hi Scott, I'll get back to you on this one.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:1063 https://access.redhat.com/errata/RHSA-2021:1063
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:1131 https://access.redhat.com/errata/RHSA-2021:1131
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Via RHSA-2021:1189 https://access.redhat.com/errata/RHSA-2021:1189
This issue has been addressed in the following products: Red Hat JBoss Web Server Via RHSA-2021:1196 https://access.redhat.com/errata/RHSA-2021:1196
This issue has been addressed in the following products: Red Hat JBoss Web Server 5.4 on RHEL 7 Red Hat JBoss Web Server 5.4 on RHEL 8 Via RHSA-2021:1195 https://access.redhat.com/errata/RHSA-2021:1195
This issue has been addressed in the following products: JBoss Core Services on RHEL 7 Via RHSA-2021:1199 https://access.redhat.com/errata/RHSA-2021:1199
This issue has been addressed in the following products: JBCS 2.4.37 SP7 Via RHSA-2021:1200 https://access.redhat.com/errata/RHSA-2021:1200
This issue has been addressed in the following products: Red Hat JBoss Web Server Via RHSA-2021:1203 https://access.redhat.com/errata/RHSA-2021:1203
This issue has been addressed in the following products: Red Hat JBoss Web Server 3 for RHEL 7 Via RHSA-2021:1202 https://access.redhat.com/errata/RHSA-2021:1202