OpenSSL buffer overflow vulnerability (CVE-2021-3711) fixed

created at 12-15-2021 views: 1

The solution is very simple, just upgrade the version of OpenSSL.

step

1. Download

wget https://www.openssl.org/source/openssl-3.0.0-alpha10.tar.gz

2. Unzip

tar zxf openssl-3.0.0-alpha10.tar.gz

3. Compile and install

cd openssl-3.0.0-alpha10 // Enter the catalog
./Configure

make && make install Execute compilation or execute compilation and installation

4. Check

openssl version (or dpkg -l openssl) // OpenSSL version

After executing openssl version, the installed version is displayed, and the upgrade is completed (note: be sure to open a new window to check)

Notice

If all goes well, the entire upgrade process will be completed in about 10 minutes. But if there is a problem, it may take half a day or longer. Here are the problems and solutions that occurred during my upgrade:

1. If the error appears during compilation: ...include/limits.h fatal error: limits.h: No such file or directory, execute the following command:

sudo apt-get install build-essential

2. If the openssl version command is executed after the upgrade, the error appears: openssl: error while loading shared libraries: libssl.so.3: cannot open shared object file: No such file or directory, then execute the following command:

ln -s /usr/local/lib/libssl.so.3 /usr/lib/libssl.so.3
ln -s /usr/local/lib/libcrypto.so.3 /usr/lib/libcrypto.so.3

The above is the process of fixing the vulnerability of CVE-2021-3711, I hope it will be helpful to everyone.

created at:12-15-2021
edited at: 12-15-2021: