Your submission was sent successfully! Close

CVE-2014-3513

Published: 15 October 2014

Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.

Priority

Medium

Status

Package Release Status
openssl
Launchpad, Ubuntu, Debian
lucid Not vulnerable
(0.9.8k-7ubuntu8.21)
precise
Released (1.0.1-4ubuntu5.20)
trusty
Released (1.0.1f-1ubuntu2.7)
upstream
Released (1.0.1j)
openssl098
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Needs triage