CVE-2021-3449 NULL pointer deref in signature_algorithms processing

Summary (taken from OpenSSL public message on this CVE)

 

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack.

 

A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration).

 

Is LoadMaster vulnerable?

LoadMaster v7.2.44 or earlier is not impacted

 

LoadMaster v7.2.45 or later is impacted

 

Is Kemp 360 Central vulnerable?

Kemp 360 Central is still under investigation

 

Is Kemp 360 Vision vulnerable?

Kemp 360 Vision is still under investigation

 

Recommended Actions

Kemp is working on determining the best way to resolve this issue. 

 

There are currently 2 alternative workarounds:

  • Disable SSL Renegotiation by unticking "Enable SSL Renegotiation" under Network Options.

  • Alternatively, LoadMaster v7.2.53 or later includes an option to revert to OpenSSL v1.0.2, which is not impacted by this issue.

 

For further information please reach out to the Kemp Support team.

 

Additional Information

For additional information about the discovered vulnerability:

CVE-2021-3449 (cve.mitre.org and NIST)

 

These pages also include the latest links to the security pages for the platform providers.

 

Kemp is committed to resolving security vulnerabilities carefully and quickly. If you think you have found a security flaw in a Kemp product, please send all supporting information to securityalert@kemp.ax.



Comments

Justin Benson

Are we ever getting a fix for this? We received notice of this flaw and have implemented the workaround since March 30, 2021. We would very much like to receive a permanent fix.
