1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-5051-1

[USN-5051-1] OpenSSL vulnerabilities

Severity High
Affected Packages 12
CVEs 2
Info Packages Vulnerabilities

Several security issues were fixed in OpenSSL.

John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2
data. A remote attacker could use this issue to cause applications using
OpenSSL to crash, resulting in a denial of service, or possibly change
application behaviour. (CVE-2021-3711)

Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1
strings. A remote attacker could use this issue to cause OpenSSL to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2021-3712)

Package Affected Version
pkg:deb/ubuntu/openssl?distro=hirsute < 1.1.1j-1ubuntu3.5
pkg:deb/ubuntu/openssl?distro=focal < 1.1.1f-1ubuntu2.8
pkg:deb/ubuntu/openssl?distro=bionic < 1.1.1-1ubuntu2.1~18.04.13
pkg:deb/ubuntu/libssl1.1?distro=hirsute < 1.1.1j-1ubuntu3.5
pkg:deb/ubuntu/libssl1.1?distro=focal < 1.1.1f-1ubuntu2.8
pkg:deb/ubuntu/libssl1.1?distro=bionic < 1.1.1-1ubuntu2.1~18.04.13
pkg:deb/ubuntu/libssl-doc?distro=hirsute < 1.1.1j-1ubuntu3.5
pkg:deb/ubuntu/libssl-doc?distro=focal < 1.1.1f-1ubuntu2.8
pkg:deb/ubuntu/libssl-doc?distro=bionic < 1.1.1-1ubuntu2.1~18.04.13
pkg:deb/ubuntu/libssl-dev?distro=hirsute < 1.1.1j-1ubuntu3.5
pkg:deb/ubuntu/libssl-dev?distro=focal < 1.1.1f-1ubuntu2.8
pkg:deb/ubuntu/libssl-dev?distro=bionic < 1.1.1-1ubuntu2.1~18.04.13
ID
USN-5051-1
Severity
high
URL
https://ubuntu.com/security/notices/USN-5051-1
Published
2021-08-24T15:26:39
(3 years ago)
Modified
2021-08-24T15:26:39
(3 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/openssl?distro=hirsute ubuntu openssl < 1.1.1j-1ubuntu3.5 hirsute
Affected pkg:deb/ubuntu/openssl?distro=focal ubuntu openssl < 1.1.1f-1ubuntu2.8 focal
Affected pkg:deb/ubuntu/openssl?distro=bionic ubuntu openssl < 1.1.1-1ubuntu2.1~18.04.13 bionic
Affected pkg:deb/ubuntu/libssl1.1?distro=hirsute ubuntu libssl1.1 < 1.1.1j-1ubuntu3.5 hirsute
Affected pkg:deb/ubuntu/libssl1.1?distro=focal ubuntu libssl1.1 < 1.1.1f-1ubuntu2.8 focal
Affected pkg:deb/ubuntu/libssl1.1?distro=bionic ubuntu libssl1.1 < 1.1.1-1ubuntu2.1~18.04.13 bionic
Affected pkg:deb/ubuntu/libssl-doc?distro=hirsute ubuntu libssl-doc < 1.1.1j-1ubuntu3.5 hirsute
Affected pkg:deb/ubuntu/libssl-doc?distro=focal ubuntu libssl-doc < 1.1.1f-1ubuntu2.8 focal
Affected pkg:deb/ubuntu/libssl-doc?distro=bionic ubuntu libssl-doc < 1.1.1-1ubuntu2.1~18.04.13 bionic
Affected pkg:deb/ubuntu/libssl-dev?distro=hirsute ubuntu libssl-dev < 1.1.1j-1ubuntu3.5 hirsute
Affected pkg:deb/ubuntu/libssl-dev?distro=focal ubuntu libssl-dev < 1.1.1f-1ubuntu2.8 focal
Affected pkg:deb/ubuntu/libssl-dev?distro=bionic ubuntu libssl-dev < 1.1.1-1ubuntu2.1~18.04.13 bionic
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date