CVE-2014-0198
Published: 02 May 2014
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
openssl Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(1.0.1f-1ubuntu2.1)
|
|
|
Patches: Vendor: http://anoncvs.estpak.ee/cgi-bin/cgit/openbsd-src/commit/lib/libssl?id=e76e308f1fab2253ab5b4ef52a1865c5ffecdf21 Vendor: http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/005_openssl.patch.sig |
||
|
openssl098 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was not-affected [code not present])
|
|
Notes
| Author | Note |
|---|---|
| mdeslaur | introduced by https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=8671b898609777c95aedf33743419a523874e6e8 |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
- http://www.openwall.com/lists/oss-security/2014/05/02/5
- https://usn.ubuntu.com/usn/usn-2192-1
- NVD
- Launchpad
- Debian