Bug 1288955 - (CVE-2015-1794) CVE-2015-1794 OpenSSL: Anon DH ServerKeyExchange with 0 p parameter
CVE-2015-1794 OpenSSL: Anon DH ServerKeyExchange with 0 p parameter
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
impact=low,public=20151204,reported=2...
: Security
Depends On:
Blocks: 1288329
  Show dependency treegraph
 
Reported: 2015-12-07 01:09 EST by Huzaifa S. Sidhpurwala
Modified: 2015-12-07 01:12 EST (History)
23 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-12-07 01:12:27 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Huzaifa S. Sidhpurwala 2015-12-07 01:09:08 EST
The following was reported by OpenSSL upstream:

If a client receives a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0 then a seg fault can occur leading to a possible denial of service attack.

This issue affects OpenSSL version 1.0.2.

OpenSSL 1.0.2 users should upgrade to 1.0.2e

This issue was reported to OpenSSL on August 3 2015 by Guy Leaver (Cisco). The fix was developed by Matt Caswell of the OpenSSL development team.
Comment 1 Huzaifa S. Sidhpurwala 2015-12-07 01:12:27 EST
Statement:

This issue does not affect the version of OpenSSL as shipped with Red Hat Enterprise Linux 5, 6 and 7.

Note You need to log in before you can comment on or make changes to this bug.