CVE-2021-3580: Input Validation

Q: What is the CVE ID of this vulnerability?

The CVE ID of this vulnerability is CVE-2021-3580.

Q: What is the severity of CVE-2021-3580?

The severity of CVE-2021-3580 is medium with a CVSS score of 5.9.

Q: How does CVE-2021-3580 affect GNU Nettle?

CVE-2021-3580 affects GNU Nettle by causing a denial of service due to a flaw in the RSA decryption functions.

Q: How can an attacker exploit CVE-2021-3580?

An attacker can exploit CVE-2021-3580 by sending specially-crafted ciphertext to the affected application.

Q: How can I fix CVE-2021-3580 in IBM QRadar SIEM?

You can fix CVE-2021-3580 in IBM QRadar SIEM by applying the appropriate patch. For version 7.5.0 GA, use the patch available at: [IBM QRadar SIEM 7.5.0 GA Patch](https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-QRSIEM-20220215133427&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true) For versions 7.4.3 GA - 7.4.3 FP4, use the patch available at: [IBM QRadar SIEM 7.4.3 GA - 7.4.3 FP4 Patch](https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.4.3-QRADAR-QRSIEM-20220307203834&includeRequisites=1&includeSupersedes=0&downloadMethod=http) For versions 7.3.3 GA - 7.3.3 FP10, use the patch available at: [IBM QRadar SIEM 7.3.3 GA - 7.3.3 FP10 Patch](https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM%20Security%20QRadar%20Vulnerability%20Manager&release=All&platform=All&function=fixId&fixids=7.3.3-QRADAR-QRSIEM-20220318161607&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=SAR)

Published Jun 4, 2021

Updated

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

Other sources

GNU Nettle is vulnerable to a denial of service, caused by a flaw in the RSA decryption functions. By sending specially-crafted ciphertext, a remote attacker could exploit this vulnerability to cause the application to crash.

— IBM

Multiple issues were found with Nettle's RSA decryption functions. These can be triggered by providing manipulated ciphertext and could lead to application crash and denial of service.

Since nettle is used with gnuTLS, there is a possibility that a remote client could crash a server compiled with gnuTLS when RSA is used for the initial key exchange.

— Red Hat

Affected Software

11 affected componentsFixes available

debian/nettle<=3.7.2-3, <=3.4.1-1

3.7.3-13.4.1-1+deb10u1

debian/nettle

3.4.1-1+deb10u13.7.3-13.8.1-23.9.1-2

redhat/nettle<3.7.3

3.7.3

IBM QRadar SIEM<=7.5.0 GA

IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4

IBM QRadar SIEM<=7.3.3 GA - 7.3.3 FP10

Nettle Project Nettle<3.7.3

redhat Enterprise Linux=7.0

redhat Enterprise Linux=8.0

Debian Debian Linux=9.0

NetApp ONTAP Select Deploy administration utility

Remediation

Patch Available

https://bugzilla.redhat.com/show_bug.cgi?id=1967983

Event History

Aug 5, 2021

CVE Published

via MITRE·12:00 AM

Data Sourced

via MITRE·12:00 AM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6574787

Frequently Asked Questions

What is the CVE ID of this vulnerability?

The CVE ID of this vulnerability is CVE-2021-3580.

What is the severity of CVE-2021-3580?

The severity of CVE-2021-3580 is medium with a CVSS score of 5.9.

How does CVE-2021-3580 affect GNU Nettle?

CVE-2021-3580 affects GNU Nettle by causing a denial of service due to a flaw in the RSA decryption functions.

How can an attacker exploit CVE-2021-3580?

An attacker can exploit CVE-2021-3580 by sending specially-crafted ciphertext to the affected application.

How can I fix CVE-2021-3580 in IBM QRadar SIEM?

You can fix CVE-2021-3580 in IBM QRadar SIEM by applying the appropriate patch. For version 7.5.0 GA, use the patch available at: [IBM QRadar SIEM 7.5.0 GA Patch](https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-QRSIEM-20220215133427&includeRequisites=1&includeSupersedes=0&downloadMethod=http&login=true) For versions 7.4.3 GA - 7.4.3 FP4, use the patch available at: [IBM QRadar SIEM 7.4.3 GA - 7.4.3 FP4 Patch](https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=Linux&function=fixId&fixids=7.4.3-QRADAR-QRSIEM-20220307203834&includeRequisites=1&includeSupersedes=0&downloadMethod=http) For versions 7.3.3 GA - 7.3.3 FP10, use the patch available at: [IBM QRadar SIEM 7.3.3 GA - 7.3.3 FP10 Patch](https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM%20Security%20QRadar%20Vulnerability%20Manager&release=All&platform=All&function=fixId&fixids=7.3.3-QRADAR-QRSIEM-20220318161607&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=SAR)

CVE-2021-3580: Input Validation

Other sources

Affected Software

Remediation

Patch Available

Event History

Parent advisories

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the CVE ID of this vulnerability?

What is the severity of CVE-2021-3580?

How does CVE-2021-3580 affect GNU Nettle?

How can an attacker exploit CVE-2021-3580?

How can I fix CVE-2021-3580 in IBM QRadar SIEM?

Company

Resources

Contact