Bug 1314757 - (CVE-2016-2842) CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability
unspecified
All Linux
low Severity low
Assigned To: Red Hat Product Security
impact=low,public=20160303,reported=2...
: Security
Depends On: 1312856 1312857 1312858 1314764 1314765 1314766 1321841 1321842 1331569 1331865 1331866 1366994
Blocks: 1314768 1395463
Reported: 2016-03-04 07:15 EST by Adam Mariš
Modified: 2017-11-14 08:55 EST
Fixed In Version: openssl 1.0.1s, openssl 1.0.2g
Doc Type: Bug Fix
Doc Text:
Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application.
External Trackers
Tracker | ID | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHSA-2016:0722 | normal | SHIPPED_LIVE | Important: openssl security update | 2016-05-09 09:28:24 EDT
Red Hat Product Errata | RHSA-2016:0996 | normal | SHIPPED_LIVE | Important: openssl security update | 2016-05-10 04:18:56 EDT
Red Hat Product Errata | RHSA-2016:2073 | normal | SHIPPED_LIVE | Important: openssl security update | 2016-10-18 07:08:06 EDT
Red Hat Product Errata | RHSA-2016:2957 | normal | SHIPPED_LIVE | Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release | 2016-12-15 22:11:19 EST

Description Adam Mariš 2016-03-04 07:15:42 EST
It was found that the doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory consumption) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data. This issue is different from CVE-2016-0799.

Upstream patch:

https://git.openssl.org/?p=openssl.git;a=commit;h=578b956fe741bf8e84055547b1e83c28dd902c73
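
The defect class named in the description (a growable output buffer whose allocation result is not verified), shown as an added example; it is not part of this bug report and is not OpenSSL's code. The names `outbuf`, `append_unchecked`, `append_checked`, `capped_realloc`, `fill` and the `GROW_STEP` value are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>

#define GROW_STEP 1024              /* assumed growth increment */

/* Hypothetical growable output buffer with an injectable allocator. */
typedef struct {
    char  *buf;
    size_t len;                     /* bytes used */
    size_t cap;                     /* bytes allocated */
    void *(*alloc)(void *, size_t); /* realloc-compatible */
} outbuf;

/* Unchecked form, kept only for comparison with the checked one. */
void append_unchecked(outbuf *o, char c)
{
    if (o->len == o->cap) {
        o->cap += GROW_STEP;
        o->buf = o->alloc(o->buf, o->cap);  /* result never verified */
    }
    o->buf[o->len++] = c;  /* if alloc failed, buf is NULL and cap is wrong */
}

/* Checked form: returns 1 on success, 0 on failure; on failure the old
 * buffer, len and cap are left untouched so the caller can stop cleanly. */
int append_checked(outbuf *o, char c)
{
    if (o->len == o->cap) {
        char *p;
        if (o->cap > SIZE_MAX - GROW_STEP)
            return 0;                       /* size computation would wrap */
        p = o->alloc(o->buf, o->cap + GROW_STEP);
        if (p == NULL)
            return 0;                       /* allocation failed */
        o->buf = p;
        o->cap += GROW_STEP;
    }
    o->buf[o->len++] = c;
    return 1;
}

/* Constructed allocator that fails for requests above 2048 bytes. */
void *capped_realloc(void *p, size_t n)
{
    return n > 2048 ? NULL : realloc(p, n);
}

/* Appends up to n bytes; returns how many were stored before a failure. */
size_t fill(outbuf *o, size_t n)
{
    size_t i;
    for (i = 0; i < n; i++)
        if (!append_checked(o, 'A'))
            break;
    return i;
}
```

The return value of the checked form has to be propagated by every caller up to the formatting entry point, otherwise the failure is detected but still ignored.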
Comment 1 Adam Mariš 2016-03-04 07:31:23 EST
Created openssl101e tracking bugs for this issue:

Affects: epel-5 [bug 1314766]
Comment 2 Adam Mariš 2016-03-04 07:31:38 EST
Created openssl tracking bugs for this issue:

Affects: fedora-all [bug 1314764]
Comment 3 Adam Mariš 2016-03-04 07:31:48 EST
Created mingw-openssl tracking bugs for this issue:

Affects: fedora-all [bug 1314765]
Comment 10 petercho 2016-04-11 00:26:26 EDT
Can we do this at a higher priority?
Clients are seriously concerned about this as it is related to openssl.
Thanks.
Comment 12 Tomas Mraz 2016-04-29 11:17:27 EDT
Note that the patch for CVE-2016-0799 also fixes this issue.
Comment 14 Martin Prpič 2016-05-03 10:53:21 EDT
Acknowledgments:

Name: the OpenSSL project
Upstream: Guido Vranken
Comment 15 errata-xmlrpc 2016-05-09 05:28:43 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2016:0722 https://rhn.redhat.com/errata/RHSA-2016-0722.html
Comment 16 errata-xmlrpc 2016-05-10 00:20:19 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2016:0996 https://rhn.redhat.com/errata/RHSA-2016-0996.html
Comment 21 errata-xmlrpc 2016-10-18 03:08:37 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6.7 Extended Update Support

Via RHSA-2016:2073 https://rhn.redhat.com/errata/RHSA-2016-2073.html
Comment 22 errata-xmlrpc 2016-12-15 17:16:35 EST
This issue has been addressed in the following products:



Via RHSA-2016:2957 https://rhn.redhat.com/errata/RHSA-2016-2957.html
