The host is installed with OpenSSL 1.1.1 through 1.1.1k and is prone to a buffer overflow vulnerability. A flaw is present in the SM2 decryption code.successful exploitation could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash.