CVE-2021-45450

7.5 HIGH

📋 TL;DR

This vulnerability in Mbed TLS allows policy bypass or oracle-based decryption attacks when an untrusted application can read the output buffer passed to psa_cipher_generate_iv or psa_cipher_encrypt. It affects systems using Mbed TLS for cryptographic operations before version 2.28.0, or 3.x before 3.1.0. An attacker in that position could decrypt sensitive data or bypass the key's usage policy.

💻 Affected Systems

Products:
  • Mbed TLS
  • Applications using Mbed TLS library
Versions: Mbed TLS versions before 2.28.0 and 3.x before 3.1.0
Operating Systems: All operating systems using affected Mbed TLS versions
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability requires specific usage of psa_cipher_generate_iv or psa_cipher_encrypt functions with output buffers accessible to untrusted applications.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of encrypted data, allowing decryption of sensitive information like passwords, session tokens, or private communications.

🟠 Likely Case: Partial information leakage through oracle attacks, potentially revealing patterns or portions of encrypted data.

🟢 If Mitigated: No impact if proper memory isolation and access controls prevent untrusted applications from accessing buffer memory.

🌐 Internet-Facing: MEDIUM - Requires specific memory access conditions and cryptographic usage patterns.
🏢 Internal Only: MEDIUM - Similar risk profile as internet-facing, dependent on application architecture and memory isolation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires that an untrusted application can access the output buffer memory of the affected PSA cipher calls, and that the target uses those calls in the vulnerable pattern.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Mbed TLS 2.28.0 or 3.1.0

Vendor Advisory: https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0

Restart Required: Yes

Instructions:

1. Update Mbed TLS to version 2.28.0 or higher for the 2.x branch, or 3.1.0 or higher for the 3.x branch.
2. Recompile applications using the library.
3. Restart affected services.

🔧 Temporary Workarounds

Memory isolation enforcement (applies to: all)

Ensure output buffers for psa_cipher_generate_iv and psa_cipher_encrypt are not accessible to untrusted applications.

🧯 If You Can't Patch

  • Implement strict memory access controls to prevent untrusted applications from accessing cryptographic operation buffers
  • Monitor for unusual cryptographic operation patterns or memory access attempts

🔍 How to Verify

Check if Vulnerable:

Check Mbed TLS version with: mbedtls_version -v or examine library files

Check Version:

mbedtls_version -v

Verify Fix Applied:

Confirm the version in use is 2.28.0 or higher on the 2.x branch, or 3.1.0 or higher on the 3.x branch.
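The branch-aware version check above, written out as an added example that is not part of this advisory or of the Mbed TLS project. It is self-contained (no Mbed TLS headers are required) and applies only the two fix thresholds the advisory states, 2.28.0 for 2.x and 3.1.0 for 3.x; in a real build you would feed it the value of mbedtls_version_get_number() or the string returned by mbedtls_version_get_string() (both declared in mbedtls/version.h). The sample version strings are constructed, and the treatment of branches newer than 3.x as fixed is an assumption.

```c
/* Added example (not from the advisory or Mbed TLS): decide whether a given
 * Mbed TLS version carries the fix for CVE-2021-45450.
 * Thresholds as stated in the advisory: 2.28.0 (2.x branch), 3.1.0 (3.x branch). */
#include <stdio.h>
#include <string.h>

/* Returns 1 if (major.minor.patch) contains the fix, 0 if it is in the affected range. */
int cve_2021_45450_fixed(unsigned major, unsigned minor, unsigned patch)
{
    (void)patch;                 /* both thresholds end in .0, so patch never changes the verdict */
    if (major == 2) return minor >= 28;
    if (major == 3) return minor >= 1;
    if (major > 3) return 1;     /* assumption: any later major branch was cut after the fix */
    return 0;                    /* anything older than 2.28.0 is affected */
}

/* Same check on the packed form used by MBEDTLS_VERSION_NUMBER /
 * mbedtls_version_get_number(): 0xMMmmpp00, so 2.28.0 is 0x021C0000. */
int cve_2021_45450_fixed_packed(unsigned number)
{
    return cve_2021_45450_fixed((number >> 24) & 0xFF,
                                (number >> 16) & 0xFF,
                                (number >> 8) & 0xFF);
}

/* Parse a "2.28.0" style string. Returns 0 on malformed or trailing input. */
int parse_version(const char *s, unsigned *major, unsigned *minor, unsigned *patch)
{
    char tail;
    if (s == NULL) return 0;
    /* exactly three fields and nothing after them */
    return sscanf(s, "%u.%u.%u%c", major, minor, patch, &tail) == 3;
}

/* Convenience wrapper: 1 = fixed, 0 = affected, -1 = could not parse. */
int check_version_string(const char *s)
{
    unsigned maj, min, pat;
    if (!parse_version(s, &maj, &min, &pat)) return -1;
    return cve_2021_45450_fixed(maj, min, pat);
}

int main(void)
{
    /* Constructed sample inputs; not output captured from any real system. */
    const char *samples[] = { "2.27.0", "2.28.0", "3.0.0", "3.1.0", "2.16.12", "garbage" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int r = check_version_string(samples[i]);
        printf("%-8s -> %s\n", samples[i],
               r < 0 ? "unparseable" : (r ? "fixed" : "AFFECTED"));
    }
    return 0;
}
```

Note that 3.0.x is reported as affected even though it is newer than 2.28.0: the two branches were fixed independently, so a single "is it at least 2.28.0" comparison would give the wrong answer for early 3.x builds.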

📡 Detection & Monitoring

Log Indicators:

  • Unusual memory access patterns to cryptographic buffers
  • Failed cryptographic operations with specific error codes

Network Indicators:

  • Unusual patterns in encrypted traffic that might indicate oracle attacks

SIEM Query:

Search system logs for process memory access violations involving the cryptographic component, and for failed cryptographic operations reported by applications that link Mbed TLS.
