Stack-based Buffer Over-read Vulnerability in LibreSSL Library
CVE-2021-41581

5.5MEDIUM

Key Information:

Vendor: OpenBSD
Status: Libressl
Vendor: CVE Published:; 24 September 2021

What is CVE-2021-41581?

A stack-based buffer over-read vulnerability exists in the x509_constraints_parse_mailbox function of the LibreSSL library. This issue arises when input data exceeds the DOMAIN_PART_MAX_LEN, resulting in a lack of proper string termination ('\0'). Such a vulnerability can lead to unauthorized access or unpredictable behavior, as it may allow malicious actors to manipulate or read sensitive data from the memory stack.

References

https://github.com/libressl-portable/openbsd/issues/126

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 24, 2021
Vulnerability Reserved
Sep 24, 2021

OpenBSD

What is CVE-2021-41581?

References

CVSS V3.1

Timeline