OpenSSL CA Certificate Verification Bypass Vulnerability (CVE-2021-3450)
Published 2021-03-26

0x00 Vulnerability Overview
CVE ID | CVE-2021-3450 | Date | 2021-03-26
Type | | Severity | High
Remotely exploitable | Yes | Affected scope |
PoC/EXP | Not public | Exploited in the wild |
0x01 Vulnerability Details
OpenSSL is an open-source software library. Applications use it to communicate securely, prevent eavesdropping, and verify the identity of the peer at the other end of a connection; it is widely deployed on web servers across the Internet.
On 25 March 2021 the OpenSSL project published a security advisory disclosing a denial-of-service vulnerability and a certificate verification bypass vulnerability in OpenSSL (CVE-2021-3449 and CVE-2021-3450).
OpenSSL Denial of Service Vulnerability (CVE-2021-3449)
This is a denial-of-service (DoS) vulnerability caused by a NULL pointer dereference. It affects only OpenSSL server instances, not clients.
An OpenSSL TLS server may crash if a client sends a maliciously crafted renegotiation ClientHello message. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (which was present in the initial ClientHello) but includes the signature_algorithms_cert extension, a NULL pointer dereference occurs, resulting in a crash and a denial of service.
The fix for this vulnerability on GitHub (see the commit linked in the references):
Affected scope
OpenSSL 1.1.1 running with TLS 1.2 and renegotiation enabled (the default configuration)
OpenSSL CA Certificate Verification Bypass Vulnerability (CVE-2021-3450)
This is a certificate authority (CA) certificate verification bypass vulnerability; it affects both server and client instances.
The X509_V_FLAG_X509_STRICT flag enables additional security checks on the certificates present in a certificate chain; it is not set by default. Starting with OpenSSL 1.1.1h, an additional strict check was added to disallow certificates in the chain that explicitly encode elliptic curve parameters. An error in the implementation of this check means that the result of a previous check, the one confirming that the certificates in the chain are valid CA certificates, is overwritten.
Affected scope
OpenSSL 1.1.1h and later
Additionally, in February this year the OpenSSL project also released security updates that fixed two denial-of-service (DoS) vulnerabilities and one incorrect SSLv2 rollback protection vulnerability in OpenSSL.
0x02 Remediation Advice
The vendor has fixed both vulnerabilities; updating promptly to OpenSSL 1.1.1k is recommended (OpenSSL 1.0.2 is not affected by either vulnerability).
Download link:
https://openssl.en.softonic.com/
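The two vulnerability descriptions above give version ranges and preconditions (TLS 1.2 renegotiation for CVE-2021-3449, the X509_V_FLAG_X509_STRICT flag for CVE-2021-3450) that an operator has to map onto a deployed build. The Python script below is an added example, not part of this advisory or of the OpenSSL project: it encodes the ranges stated above, treats 1.1.1k as the fixed boundary for both issues, and inspects the OpenSSL build the running interpreter is linked against through the standard ssl module. The regular expression, the function names and the sample banners are this example's own assumptions.

```python
"""Version and configuration triage for CVE-2021-3449 / CVE-2021-3450.

Added example, not code from the advisory. Affected ranges follow the
advisory text:
  - CVE-2021-3449: OpenSSL 1.1.1 servers with TLS 1.2 renegotiation enabled;
  - CVE-2021-3450: OpenSSL 1.1.1h and later, when X509_V_FLAG_X509_STRICT
    is set by the application (it is off by default);
  - both fixed in OpenSSL 1.1.1k; OpenSSL 1.0.2 is not affected.
The regex and helper names are assumptions made for this example.
"""
import re
import ssl

# Matches the leading part of a banner such as "OpenSSL 1.1.1j  16 Feb 2021".
_VERSION_RE = re.compile(r"OpenSSL (\d+)\.(\d+)\.(\d+)([a-z]*)")
FIXED_LETTER = "k"  # 1.1.1k carries both fixes (per the advisory)


def parse_openssl_version(banner):
    """Parse an OpenSSL version banner into (major, minor, patch, letter).

    The patch letter is '' for a bare release such as "OpenSSL 1.1.1".
    Raises ValueError for strings that do not look like an OpenSSL banner
    (for example a build linked against a different TLS library).
    """
    m = _VERSION_RE.search(banner)
    if not m:
        raise ValueError("not an OpenSSL version banner: %r" % banner)
    major, minor, patch, letter = m.groups()
    return int(major), int(minor), int(patch), letter


def assess(version, renegotiation_enabled=True, x509_strict=False):
    """Return which of the two CVEs apply to a build with the given settings.

    renegotiation_enabled models the TLS 1.2 renegotiation default the
    advisory mentions (relevant to servers only); x509_strict models the
    application having set X509_V_FLAG_X509_STRICT.
    """
    major, minor, patch, letter = version
    is_111 = (major, minor, patch) == (1, 1, 1)
    unfixed = letter < FIXED_LETTER  # '' (bare 1.1.1) sorts before 'k'
    return {
        # Server-only NULL dereference on a renegotiation ClientHello.
        "CVE-2021-3449": is_111 and unfixed and renegotiation_enabled,
        # Strict-mode EC-parameter check that overwrites the CA verdict;
        # introduced in 1.1.1h, so earlier letters are not in range.
        "CVE-2021-3450": is_111 and unfixed and letter >= "h" and x509_strict,
    }


def runtime_report():
    """Assess the OpenSSL build the running Python interpreter uses.

    The strict flag is read from a default SSLContext so the report reflects
    whether this interpreter's default verification would hit the
    CVE-2021-3450 code path at all.
    """
    try:
        version = parse_openssl_version(ssl.OPENSSL_VERSION)
    except ValueError as exc:
        return {"error": str(exc)}
    ctx = ssl.create_default_context()
    strict = bool(ctx.verify_flags & ssl.VERIFY_X509_STRICT)
    return {
        "version": version,
        "x509_strict_in_default_context": strict,
        "findings": assess(version, x509_strict=strict),
    }


if __name__ == "__main__":
    # Constructed sample banners covering each branch of the ranges above.
    for banner in ("OpenSSL 1.1.1j  16 Feb 2021",
                   "OpenSSL 1.1.1g  21 Apr 2020",
                   "OpenSSL 1.1.1k  25 Mar 2021",
                   "OpenSSL 1.0.2u  20 Dec 2019"):
        v = parse_openssl_version(banner)
        print(banner, "->", assess(v, x509_strict=True))
    print("this interpreter:", runtime_report())
```

The x509_strict argument is the part most often misjudged in practice: OpenSSL's default chain verification never reaches the faulty check, so an inventory of 1.1.1h to 1.1.1j builds only identifies CVE-2021-3450 exposure once the applications that opt into X509_V_FLAG_X509_STRICT (or a wrapper that sets it for them) are known.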
0x03 References
https://www.openssl.org/news/secadv/20210325.txt
https://www.bleepingcomputer.com/news/security/openssl-fixes-severe-dos-certificate-validation-vulnerabilities/
https://securityaffairs.co/wordpress/115968/security/openssl-flaws-2.html?
https://github.com/openssl/openssl/commit/2a40b7bc7b94dd7de897a74571e7024f0cf0d63b
0x04 Timeline
2021-03-25 OpenSSL publishes its security advisory
2021-03-26 VSRC publishes this security advisory
0x05 Appendix
CVSS scoring standard (official site): http://www.first.org/cvss/