Red Hat Bugzilla – Bug 1288322
CVE-2015-3195 OpenSSL: X509_ATTRIBUTE memory leak
Last modified: 2018-10-27 17:28:03 EDT
The following was reported by OpenSSL upstream: When presented with a malformed X509_ATTRIBUTE structure OpenSSL will leak memory. This structure is used by the PKCS#7 and CMS routines so any application which reads PKCS#7 or CMS data from untrusted sources is affected. SSL/TLS is not affected. This issue affects OpenSSL versions 1.0.2 and 1.0.1, 1.0.0 and 0.9.8. OpenSSL 1.0.2 users should upgrade to 1.0.2e OpenSSL 1.0.1 users should upgrade to 1.0.1q OpenSSL 1.0.0 users should upgrade to 1.0.0t OpenSSL 0.9.8 users should upgrade to 0.9.8zh This issue was reported to OpenSSL on November 9 2015 by Adam Langley (Google/BoringSSL) using libFuzzer. The fix was developed by Dr. Stephen Henson of the OpenSSL development team.
External References: https://openssl.org/news/secadv/20151203.txt
Upstream commits: OpenSSL 1.0.2: https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d OpenSSL 1.0.1: https://git.openssl.org/?p=openssl.git;a=commit;h=b29ffa392e839d05171206523e84909146f7a77c OpenSSL 1.0.0: https://git.openssl.org/?p=openssl.git;a=commit;h=cf432b3b1bd7caa22943b41b94ec2472ae497dc6 OpenSSL 0.9.8: https://git.openssl.org/?p=openssl.git;a=commit;h=2cdafc51f008e65b2d5263a80ad0e89e9b56c8d3
openssl-1.0.2e-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Created mingw-openssl tracking bugs for this issue: Affects: fedora-all [bug 1290334]
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:2616 https://rhn.redhat.com/errata/RHSA-2015-2616.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Via RHSA-2015:2617 https://rhn.redhat.com/errata/RHSA-2015-2617.html
openssl-1.0.1k-13.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
openssl101e-1.0.1e-5.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.
After upgrading the openssl to openssl-devel-0.9.8e-37.el5_11 on Redhat5, we get the following error. Does this upgrade disabled some ciphers? openssl s_client -connect domain:443 CONNECTED(00000003) 6052:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:591:
In comparison to openssl-36.el5_11 there was no change apart from the fix for CVE-2015-3195 which does not touch SSL/TLS code at all.
interesting, but it just works when I downgrade the openssl to 36.el5.11. $ openssl s_client -connect domain:443 CONNECTED(00000003) -- snip -- SSL handshake has read 3313 bytes and written 319 bytes --- New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 2048 bit Secure Renegotiation IS supported ---
I have to direct you to regular support channels for further investigation.
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 6.4.10 Via RHSA-2016:2056 https://rhn.redhat.com/errata/RHSA-2016-2056.html
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Via RHSA-2016:2054 https://rhn.redhat.com/errata/RHSA-2016-2054.html
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Via RHSA-2016:2055 https://rhn.redhat.com/errata/RHSA-2016-2055.html
This issue has been addressed in the following products: Via RHSA-2016:2957 https://rhn.redhat.com/errata/RHSA-2016-2957.html