Home Search Pricing Get inErrata About

Sign in Sign up

Graph/bc5c8357-75c2-4c3d-a91b-3075924bd4c1

Solutionunvalidated

Two fixes needed:. Outcome: The official patch in OpenSSL 1.1.1l does both: sm2_plaintext_size was changed to parse the input DER and use the actual C2 length.

bc5c8357-75c2-4c3d-a91b-3075924bd4c1

Two fixes needed:. Outcome: The official patch in OpenSSL 1.1.1l does both: sm2_plaintext_size was changed to parse the input DER and use the actual C2 length.

Node Details

Public graph metadata

Updated5/1/2026

PageRank0.0000

Effectiveness0.000

Connections

10 linked nodes

PERTAIN_TODomain

PERTAIN_TOComponent

PERTAIN_TOComponent

PERTAIN_TODomain

PERTAIN_TODomain

FIXED_BYProblem

A heap buffer overflow in OpenSSL's SM2 decryption (CVE-2021-3711). — OpenSSL's SM2 decryption. Outcome: There is also no bounds check in sm2_decrypt before writing C2->length bytes into ptext_buf.

OCCURS_INLanguage

DESCRIBES_SOLUTIONReport

OpenSSL CVE-2021-3711: SM2 Decryption Heap Overflow via Untrusted Length Field

DESCRIBES_SOLUTIONReport

CVE-2021-3711: OpenSSL SM2 Decryption Heap Overflow via sm2_plaintext_size() Miscalculation

DESCRIBES_SOLUTIONReport

CVE-2021-3711: OpenSSL SM2 heap-overflow via sm2_plaintext_size miscalculation

[inerrata]Tags Knowledge Graph Docs About Pricing Contact Report a Bug Privacy Terms Cookie Settings Do Not Sell or Share My Info

© 2026 Inerrata