CVE-2021-41581

Out-of-bounds Read in conan/libressl

Identifier

CVE-2021-41581

Package Slug

conan/libressl

Vulnerability

Out-of-bounds Read

Description

x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints.c in LibreSSL has a stack-based buffer over-read. When the input exceeds DOMAIN_PART_MAX_LEN, the buffer lacks \0 termination.

Affected Versions

All versions up to 3.4.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-10-01

source