
CVE-2020-1967

Published: 21 April 2020

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL versions 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).

Notes

Author     Note
mdeslaur   introduced in 1.1.1d
Priority

High

CVSS 3 base score: 7.5

Status

Package      Release    Status

edk2 (Launchpad, Ubuntu, Debian)
             bionic     Not vulnerable (code not present)
             eoan       Not vulnerable (code not present)
             focal      Not vulnerable (code not compiled)
             precise    Does not exist
             trusty     Does not exist
             upstream   Needs triage
             xenial     Not vulnerable (code not present)

openssl (Launchpad, Ubuntu, Debian)
             bionic     Not vulnerable (code not present)
             eoan       Not vulnerable (code not present)
             focal      Released (1.1.1f-1ubuntu2)
             precise    Not vulnerable (code not present)
             trusty     Not vulnerable (code not present)
             upstream   Released (1.1.1g)
             xenial     Not vulnerable (code not present)
Patches:
upstream: https://github.com/openssl/openssl/commit/a87f3fe01a5a894aa27ccd6a239155fd129988e4
upstream: https://github.com/openssl/openssl/commit/3656c08ab4b1b892730cb5e808b6f4298b08a2e6

openssl1.0 (Launchpad, Ubuntu, Debian)
             bionic     Not vulnerable (code not present)
             eoan       Does not exist
             focal      Does not exist
             precise    Does not exist
             trusty     Does not exist
             upstream   Needs triage
             xenial     Does not exist