[Bug 2069364] New: CVE-2021-43085 openssl: Insecure permissions vulnerability due to an error in the implementation of the CMAC_Final() function
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2069364
Bug ID: 2069364
Summary: CVE-2021-43085 openssl: Insecure permissions
vulnerability due to an error in the implementation of
the CMAC_Final() function
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: aos-bugs(a)redhat.com, asoldano(a)redhat.com,
bbaranow(a)redhat.com, bdettelb(a)redhat.com,
berrange(a)redhat.com, bmaxwell(a)redhat.com,
bootloader-eng-team(a)redhat.com,
brian.stansberry(a)redhat.com, caswilli(a)redhat.com,
cdewolf(a)redhat.com, cfergeau(a)redhat.com,
chazlett(a)redhat.com, crobinso(a)redhat.com,
crypto-team(a)lists.fedoraproject.org,
csutherl(a)redhat.com, darran.lofthouse(a)redhat.com,
dbelyavs(a)redhat.com, dhalasz(a)redhat.com,
dkreling(a)redhat.com, dkuc(a)redhat.com,
dosoudil(a)redhat.com, dueno(a)redhat.com,
elima(a)redhat.com,
epel-packagers-sig(a)lists.fedoraproject.org,
erik-fedora(a)vanpienbroek.nl, f4bug(a)amsat.org,
fjansen(a)redhat.com, fjuma(a)redhat.com,
fmartine(a)redhat.com, gparvin(a)redhat.com,
gzaronik(a)redhat.com, iweiss(a)redhat.com,
jburrell(a)redhat.com, jclere(a)redhat.com,
jkoehler(a)redhat.com, jochrist(a)redhat.com,
jramanat(a)redhat.com, jwong(a)redhat.com,
jwon(a)redhat.com, kaycoth(a)redhat.com,
krathod(a)redhat.com, kraxel(a)redhat.com,
ktietz(a)redhat.com, lgao(a)redhat.com,
marcandre.lureau(a)redhat.com,
michal.skrivanek(a)redhat.com, michel(a)michel-slm.name,
micjohns(a)redhat.com, mjg59(a)srcf.ucam.org,
mosmerov(a)redhat.com, mperina(a)redhat.com,
msochure(a)redhat.com, mspacek(a)redhat.com,
msvehla(a)redhat.com, mturk(a)redhat.com,
njean(a)redhat.com, nobody(a)redhat.com,
nwallace(a)redhat.com, pahickey(a)redhat.com,
pbonzini(a)redhat.com, pjindal(a)redhat.com,
pjones(a)redhat.com, pmackay(a)redhat.com,
redhat-bugzilla(a)linuxnetz.de, rfreiman(a)redhat.com,
rharwood(a)redhat.com, rh-spice-bugs(a)redhat.com,
rjones(a)redhat.com, rstancel(a)redhat.com,
rsvoboda(a)redhat.com, sahana(a)redhat.com,
sbonazzo(a)redhat.com, smaestri(a)redhat.com,
stcannon(a)redhat.com, sthirugn(a)redhat.com,
szappis(a)redhat.com, tmeszaro(a)redhat.com, tm(a)t8m.info,
tom.jenkinson(a)redhat.com,
virt-maint(a)lists.fedoraproject.org,
virt-maint(a)redhat.com, vkrizan(a)redhat.com,
vkumar(a)redhat.com, vmugicag(a)redhat.com
Target Milestone: ---
Classification: Other
An Insecure Permissions vulnerability exists in the OpenSSL Project 3.0 due to
an error in the implementation of the CMAC_Final() function.
Upstream issue:
https://github.com/openssl/openssl/issues/16873
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2069364
2 years, 1 month