Openssl · Openssl · CVE-2021-4044
**Name of the Vulnerable Software and Affected Versions**
OpenSSL version 3.0.0
OpenSSL versions prior to 3.0.1
**Description**
The issue is related to the mishandling of internal errors by the `X509 verify cert()` function in OpenSSL. This function may return a negative value to indicate an internal error, such as out of memory. However, OpenSSL mishandles this negative return value, causing IO functions like `SSL connect()` or `SSL do handshake()` to not indicate success. As a result, a subsequent call to `SSL get error()` returns the value `SSL ERROR WANT RETRY VERIFY`, which is unexpected for most applications. This can lead to crashes, infinite loops, or other incorrect responses, depending on the application. The issue is more serious when combined with a separate bug in OpenSSL 3.0 that causes `X509 verify cert()` to indicate an internal error when processing a certificate chain without the Subject Alternative Name extension but with enforced name constraints by a Certificate Authority.
**Recommendations**
For OpenSSL version 3.0.0, update to version 3.0.1 to fix the issue.
For versions prior to 3.0.1, update to version 3.0.1 or a later version to resolve the issue.
As a temporary workaround, consider disabling the `X509 verify cert()` function until a patch is available.
Restrict access to the vulnerable `SSL connect()` and `SSL do handshake()` functions to minimize the risk of exploitation.
Avoid using the `SSL ERROR WANT RETRY VERIFY` return value from `SSL get error()` until the issue is resolved.