Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions before 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
freebsd freebsd 12.1 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
oracle peoplesoft enterprise peopletools 8.56 |
||
oracle peoplesoft enterprise peopletools 8.57 |
||
oracle jd edwards world security a9.4 |
||
oracle enterprise manager ops center 12.4.0 |
||
oracle peoplesoft enterprise peopletools 8.58 |
||
oracle mysql |
||
oracle enterprise manager base platform 13.4.0.0 |
||
oracle mysql enterprise monitor |
||
oracle mysql workbench |
||
oracle http server 12.2.1.4.0 |
||
oracle enterprise manager for storage management 13.3.0.0 |
||
oracle mysql connectors |
||
oracle enterprise manager for storage management 13.4.0.0 |
||
oracle peoplesoft enterprise peopletools 8.59 |
||
oracle application server 12.1.3 |
||
netapp snapcenter - |
||
netapp steelstore cloud integrated storage - |
||
netapp oncommand workflow automation - |
||
netapp oncommand insight - |
||
netapp smi-s provider - |
||
netapp active iq unified manager |
||
netapp e-series performance analyzer - |
||
broadcom fabric operating system - |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
jdedwards enterpriseone |
||
tenable log correlation engine |
Static analyzer proves its worth with discovery of null-pointer error
A static analysis feature set to appear in GCC 10, which will catch common programming errors that can lead to security vulnerabilities, has scored an early win – it snared an exploitable flaw in OpenSSL. Bernd Edlinger discovered CVE-2020-1967, a denial-of-service flaw deemed to be a high severity risk by the OpenSSL team. It is possible to crash a server or application that uses a vulnerable build of OpenSSL by sending specially crafted messages while setting up a TLS 1.3 connection. This me...