All customers except US A&D: to ensure that you can access all of your product downloads, you must log in to the Wind River Delivers portal https://delivers.windriver.com and visit the My Products page to force an initial sync of your product entitlement. Only after you’ve completed this step will you be able to access and download product content through the Artifacts, Registry, and Git interfaces. This also applies to users attempting to run the Wind River installer in maintenance or update mode or Linux installation updates at the command line.

Wind River Support Network

HomeSafety and Security NoticesWind River Security Vulnerability Notice: CVE-2021-3711
Recommended

Wind River Security Vulnerability Notice: CVE-2021-3711

Released: --

Summary

Wind River Security Vulnerability Notice:CVE-2021-3711 of openssl


Affected Product Versions

Wind River Linux LTS 17, Wind River Linux LTS 21, Wind River Linux CD, Wind River Linux LTS 19, Wind River Linux LTS 18

Description

CVE-2021-3711



SM2 Decryption Buffer Overflow.

In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter.

A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small.

A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated.

Affected Windriver Linux releases:

For openssl, versions 1.1.1k and below are affected by this issue while openssl 1.0.2 is not impacted.
For WRLinux, Wind River Linux CD, Wind River Linux LTS 21, Wind River Linux LTS 19, Wind River Linux LTS 18, Wind River Linux LTS 17, are affected by this issue. WRLinux-9 and earlier releases not affected by it.

Affected software components:

openssl

Affected hardware:

These are pure software issues.

Mitigation

All WRLinux releases after WRLinux-9 effected by this issue and need source patches to avoid it. For details please contact our support team.


Additional References

https://nvd.nist.gov/vuln/detail/CVE-2021-3711

https://www.openssl.org/news/secadv/20210824.txt



Changelog

  • 8/24/2021: Initial


Installation Notes

Please contact our support team to get detailed method to mitigate these CVE issues. Or waiting for our newest RCPL releases.


Live chat
Online