Red Hat Bugzilla – Bug 1288955
CVE-2015-1794 OpenSSL: Anon DH ServerKeyExchange with 0 p parameter
Last modified: 2015-12-07 01:12:27 EST
The following was reported by OpenSSL upstream:
If a client receives a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0 then a seg fault can occur leading to a possible denial of service attack.
This issue affects OpenSSL version 1.0.2.
OpenSSL 1.0.2 users should upgrade to 1.0.2e.
This issue was reported to OpenSSL on August 3 2015 by Guy Leaver (Cisco). The fix was developed by Matt Caswell of the OpenSSL development team.
This issue does not affect the version of OpenSSL as shipped with Red Hat Enterprise Linux 5, 6 and 7.
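The kind of input validation this report calls for, as an added example that is not part of the original report and is not OpenSSL's code or its 1.0.2e fix: a stand-alone check of the DH parameters carried in a ServerKeyExchange that rejects zero values before any arithmetic uses them. The function and enum names are hypothetical, the sample bytes are constructed, and the layout assumed is the TLS ServerDHParams structure (dh_p, dh_g, dh_Ys, each a 2-byte big-endian length followed by the value).

```c
#include <stddef.h>
#include <stdint.h>

/* Result codes for this illustration (hypothetical names). */
enum dh_check { DH_OK = 0, DH_TRUNCATED, DH_ZERO_P, DH_ZERO_G, DH_ZERO_YS };

/* Constructed sample: dh_p = 0x00, dh_g = 0x02, dh_Ys = 0x05 (1 byte each). */
const uint8_t sample_zero_p[] = {0, 1, 0x00, 0, 1, 0x02, 0, 1, 0x05};

/* Read one length-prefixed field: 2-byte big-endian length, then the value.
 * Returns 0 and advances *off on success, -1 if the buffer is too short. */
static int read_field(const uint8_t *msg, size_t len, size_t *off,
                      const uint8_t **val, size_t *vlen)
{
    if (len - *off < 2)
        return -1;
    size_t n = ((size_t)msg[*off] << 8) | msg[*off + 1];
    *off += 2;
    if (len - *off < n)
        return -1;
    *val = msg + *off;
    *vlen = n;
    *off += n;
    return 0;
}

/* A big-endian integer is zero if it is empty or every byte is 0x00. */
static int is_zero(const uint8_t *v, size_t n)
{
    uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= v[i];
    return acc == 0;
}

/* Validate dh_p, dh_g and dh_Ys before they reach any modular arithmetic. */
enum dh_check check_server_dh_params(const uint8_t *msg, size_t len)
{
    const uint8_t *p, *g, *ys;
    size_t plen, glen, yslen, off = 0;
    if (read_field(msg, len, &off, &p, &plen) ||
        read_field(msg, len, &off, &g, &glen) ||
        read_field(msg, len, &off, &ys, &yslen))
        return DH_TRUNCATED;
    if (is_zero(p, plen)) return DH_ZERO_P;
    if (is_zero(g, glen)) return DH_ZERO_G;
    if (is_zero(ys, yslen)) return DH_ZERO_YS;
    return DH_OK;
}
```

A zero p encoded with leading zero bytes or with a zero-length field is rejected the same way as the single-byte case, since the check looks at the value rather than the encoding.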