Red Hat Bugzilla – Bug 908029
CVE-2012-2686 openssl: DoS due to improper handling of CBC ciphersuites in TLS 1.1/1.2 on AES-NI supporting platforms
Last modified: 2013-12-18 19:36:23 EST
A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI (Advanced Encryption Standard New Instructions) supporting platforms  can be exploited in a DoS attack.
Anyone using an AES-NI platform for TLS 1.2 or TLS 1.1 on OpenSSL 1.0.1c is affected. Platforms which do not support AES-NI or versions of OpenSSL which do not implement TLS 1.2 or 1.1 (for example OpenSSL 0.9.8 and 1.0.0) are not affected.
Not vulnerable. This issue did not affect the versions of OpenSSL as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for TLS 1.2 or 1.1.
Created openssl tracking bugs for this issue
Affects: fedora-18 [bug 908032]
Fix for this is included as part of the changeset which is one of the several changesets added to address CVE-2013-0169 in OpenSSL (bug 907589):