CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)

Operating System & Version: CentOS 7
cPanel & WHM Version: v94.0.4

d_t

Well-Known Member
https://www.openssl.org/news/secadv/20210325.txt

“An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client,” maintainers wrote in an advisory. “If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack.”

Looks like cPanel is using OpenSSL 1.1.1j, which is affected by this vulnerability. No update yet.

Code:
ea-openssl11-1.1.1j-1.1.1.cpanel.x86_64
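The post above identifies the installed build from the EasyApache package name and compares it against the advisory. The following script, added here as an illustration and not taken from the thread or from cPanel, automates that comparison: it extracts the upstream OpenSSL version from an `ea-openssl11` package name (or from `openssl version` output) and reports whether it falls inside the range the OpenSSL advisory lists as affected, 1.1.1h through 1.1.1j, fixed in 1.1.1k. The sample package name and version string are constructed from the post; the path `/opt/cpanel/ea-openssl11/bin/openssl` and the `rpm -q ea-openssl11` query are assumptions about where the EasyApache build lives and may need adjusting.

```python
import re
import subprocess
import sys

# Affected ranges from the OpenSSL advisory of 25 March 2021
# (https://www.openssl.org/news/secadv/20210325.txt): both issues affect
# OpenSSL 1.1.1h through 1.1.1j and are fixed in 1.1.1k. 1.0.2 is not affected.
AFFECTED = {
    "CVE-2021-3449": ("1.1.1h", "1.1.1j"),
    "CVE-2021-3450": ("1.1.1h", "1.1.1j"),
}
FIXED_IN = "1.1.1k"

_VER_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)([a-z]*)$")


def parse_version(text):
    """'1.1.1j' -> (1, 1, 1, 'j').

    The letter suffix is compared as a string, so (1,1,1,'') < (1,1,1,'h') < (1,1,1,'k'),
    which matches the 1.1.1 series ordering.
    """
    m = _VER_RE.match(text.strip())
    if not m:
        raise ValueError("unrecognised OpenSSL version: %r" % text)
    major, minor, fix, letter = m.groups()
    return (int(major), int(minor), int(fix), letter)


def version_from_rpm(nvra):
    """Pull the upstream version out of an EasyApache package name such as
    'ea-openssl11-1.1.1j-1.1.1.cpanel.x86_64' (layout taken from the post)."""
    m = re.search(r"-(\d+\.\d+\.\d+[a-z]*)-", nvra)
    if not m:
        raise ValueError("no OpenSSL version in package name: %r" % nvra)
    return m.group(1)


def version_from_openssl_output(output):
    """Parse `openssl version` output, e.g. 'OpenSSL 1.1.1j  16 Feb 2021' -> '1.1.1j'."""
    m = re.match(r"OpenSSL\s+(\S+)", output.strip())
    if not m:
        raise ValueError("unexpected `openssl version` output: %r" % output)
    return m.group(1)


def assess(version_text):
    """Return {cve: True if the version is inside the advisory's affected range}."""
    v = parse_version(version_text)
    return {
        cve: parse_version(lo) <= v <= parse_version(hi)
        for cve, (lo, hi) in AFFECTED.items()
    }


def installed_ea_openssl_version():
    """Ask rpm for the EasyApache OpenSSL package (command assumed; adjust if the
    package is named differently on your server)."""
    out = subprocess.run(["rpm", "-q", "ea-openssl11"], capture_output=True,
                         text=True, check=True).stdout
    return version_from_rpm(out.splitlines()[0])


def report(version_text):
    """Human-readable summary for one version string; returns the assessment dict."""
    result = assess(version_text)
    for cve, vulnerable in sorted(result.items()):
        state = "AFFECTED" if vulnerable else "not affected"
        print("%s: OpenSSL %s is %s (fixed in %s)" % (cve, version_text, state, FIXED_IN))
    return result


if __name__ == "__main__":
    # Accept a bare version, a package name, or nothing (then query rpm).
    if len(sys.argv) > 1:
        arg = sys.argv[1]
        target = version_from_rpm(arg) if arg.startswith("ea-openssl") else arg
    else:
        target = installed_ea_openssl_version()
    report(target)
```

A version-string check is a screening step, not proof: vendors sometimes backport a fix without bumping the upstream version, so a package that still reads 1.1.1j after the EasyApache update lands should be judged by the package changelog (`rpm -q --changelog ea-openssl11`) rather than by this script alone.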
 

cPRex

Jurassic Moderator
Staff member
cPanel Access Level: Root Administrator
Hey there! Our team is aware and working on an update through case EA-9664. It's currently being tested, and while I don't have an exact release time, I'd expect it to be made public in an EasyApache release soon. You can monitor the change log at EasyApache 4 Change Log 2021 | cPanel & WHM Documentation for that case number; once it's listed there, it will be automatically updated on your machine.