CVE-2015-1794
Publication date 4 December 2015
Last updated 24 July 2024
Ubuntu priority
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Status
Package | Ubuntu Release | Status |
---|---|---|
openssl | ||
14.04 LTS trusty |
Not affected
|
|
openssl098 | ||
14.04 LTS trusty | Not in release | |
Notes
Patch details
Package | Patch details |
---|---|
openssl |
References
Related Ubuntu Security Notices (USN)
- USN-2830-1
- OpenSSL vulnerabilities
- 7 December 2015