Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openssl | Openssl | * | 0.9.8w (including) |
| Openssl | Openssl | 0.9.1c (including) | 0.9.1c (including) |
| Openssl | Openssl | 0.9.2b (including) | 0.9.2b (including) |
| Openssl | Openssl | 0.9.3 (including) | 0.9.3 (including) |
| Openssl | Openssl | 0.9.3a (including) | 0.9.3a (including) |
| Openssl | Openssl | 0.9.4 (including) | 0.9.4 (including) |
| Openssl | Openssl | 0.9.5 (including) | 0.9.5 (including) |
| Openssl | Openssl | 0.9.5-beta1 (including) | 0.9.5-beta1 (including) |
| Openssl | Openssl | 0.9.5-beta2 (including) | 0.9.5-beta2 (including) |
| Openssl | Openssl | 0.9.5a (including) | 0.9.5a (including) |
| Openssl | Openssl | 0.9.5a-beta1 (including) | 0.9.5a-beta1 (including) |
| Openssl | Openssl | 0.9.5a-beta2 (including) | 0.9.5a-beta2 (including) |
| Openssl | Openssl | 0.9.6 (including) | 0.9.6 (including) |
| Openssl | Openssl | 0.9.6-beta1 (including) | 0.9.6-beta1 (including) |
| Openssl | Openssl | 0.9.6-beta2 (including) | 0.9.6-beta2 (including) |
| Openssl | Openssl | 0.9.6-beta3 (including) | 0.9.6-beta3 (including) |
| Openssl | Openssl | 0.9.6a (including) | 0.9.6a (including) |
| Openssl | Openssl | 0.9.6a-beta1 (including) | 0.9.6a-beta1 (including) |
| Openssl | Openssl | 0.9.6a-beta2 (including) | 0.9.6a-beta2 (including) |
| Openssl | Openssl | 0.9.6a-beta3 (including) | 0.9.6a-beta3 (including) |
| Openssl | Openssl | 0.9.6b (including) | 0.9.6b (including) |
| Openssl | Openssl | 0.9.6c (including) | 0.9.6c (including) |
| Openssl | Openssl | 0.9.6d (including) | 0.9.6d (including) |
| Openssl | Openssl | 0.9.6e (including) | 0.9.6e (including) |
| Openssl | Openssl | 0.9.6f (including) | 0.9.6f (including) |
| Openssl | Openssl | 0.9.6g (including) | 0.9.6g (including) |
| Openssl | Openssl | 0.9.6h (including) | 0.9.6h (including) |
| Openssl | Openssl | 0.9.6i (including) | 0.9.6i (including) |
| Openssl | Openssl | 0.9.6j (including) | 0.9.6j (including) |
| Openssl | Openssl | 0.9.6k (including) | 0.9.6k (including) |
| Openssl | Openssl | 0.9.6l (including) | 0.9.6l (including) |
| Openssl | Openssl | 0.9.6m (including) | 0.9.6m (including) |
| Openssl | Openssl | 0.9.7 (including) | 0.9.7 (including) |
| Openssl | Openssl | 0.9.7-beta1 (including) | 0.9.7-beta1 (including) |
| Openssl | Openssl | 0.9.7-beta2 (including) | 0.9.7-beta2 (including) |
| Openssl | Openssl | 0.9.7-beta3 (including) | 0.9.7-beta3 (including) |
| Openssl | Openssl | 0.9.7-beta4 (including) | 0.9.7-beta4 (including) |
| Openssl | Openssl | 0.9.7-beta5 (including) | 0.9.7-beta5 (including) |
| Openssl | Openssl | 0.9.7-beta6 (including) | 0.9.7-beta6 (including) |
| Openssl | Openssl | 0.9.7a (including) | 0.9.7a (including) |
| Openssl | Openssl | 0.9.7b (including) | 0.9.7b (including) |
| Openssl | Openssl | 0.9.7c (including) | 0.9.7c (including) |
| Openssl | Openssl | 0.9.7d (including) | 0.9.7d (including) |
| Openssl | Openssl | 0.9.7e (including) | 0.9.7e (including) |
| Openssl | Openssl | 0.9.7f (including) | 0.9.7f (including) |
| Openssl | Openssl | 0.9.7g (including) | 0.9.7g (including) |
| Openssl | Openssl | 0.9.7h (including) | 0.9.7h (including) |
| Openssl | Openssl | 0.9.7i (including) | 0.9.7i (including) |
| Openssl | Openssl | 0.9.7j (including) | 0.9.7j (including) |
| Openssl | Openssl | 0.9.7k (including) | 0.9.7k (including) |
| Openssl | Openssl | 0.9.7l (including) | 0.9.7l (including) |
| Openssl | Openssl | 0.9.7m (including) | 0.9.7m (including) |
| Openssl | Openssl | 0.9.8 (including) | 0.9.8 (including) |
| Openssl | Openssl | 0.9.8a (including) | 0.9.8a (including) |
| Openssl | Openssl | 0.9.8b (including) | 0.9.8b (including) |
| Openssl | Openssl | 0.9.8c (including) | 0.9.8c (including) |
| Openssl | Openssl | 0.9.8d (including) | 0.9.8d (including) |
| Openssl | Openssl | 0.9.8e (including) | 0.9.8e (including) |
| Openssl | Openssl | 0.9.8f (including) | 0.9.8f (including) |
| Openssl | Openssl | 0.9.8g (including) | 0.9.8g (including) |
| Openssl | Openssl | 0.9.8h (including) | 0.9.8h (including) |
| Openssl | Openssl | 0.9.8i (including) | 0.9.8i (including) |
| Openssl | Openssl | 0.9.8j (including) | 0.9.8j (including) |
| Openssl | Openssl | 0.9.8k (including) | 0.9.8k (including) |
| Openssl | Openssl | 0.9.8l (including) | 0.9.8l (including) |
| Openssl | Openssl | 0.9.8m (including) | 0.9.8m (including) |
| Openssl | Openssl | 0.9.8m-beta1 (including) | 0.9.8m-beta1 (including) |
| Openssl | Openssl | 0.9.8n (including) | 0.9.8n (including) |
| Openssl | Openssl | 0.9.8o (including) | 0.9.8o (including) |
| Openssl | Openssl | 0.9.8p (including) | 0.9.8p (including) |
| Openssl | Openssl | 0.9.8q (including) | 0.9.8q (including) |
| Openssl | Openssl | 0.9.8r (including) | 0.9.8r (including) |
| Openssl | Openssl | 0.9.8s (including) | 0.9.8s (including) |
| Openssl | Openssl | 0.9.8t (including) | 0.9.8t (including) |
| Openssl | Openssl | 0.9.8u (including) | 0.9.8u (including) |
| Openssl | Openssl | 0.9.8v (including) | 0.9.8v (including) |
| Openssl | Redhat | 0.9.6-15 (including) | 0.9.6-15 (including) |
| Openssl | Redhat | 0.9.6b-3 (including) | 0.9.6b-3 (including) |
| Openssl | Redhat | 0.9.7a-2 (including) | 0.9.7a-2 (including) |
| Red Hat Enterprise Linux 5 | RedHat | openssl-0:0.9.8e-22.el5_8.4 | * |
| Red Hat Enterprise Linux 6 | RedHat | openssl-0:1.0.0-20.el6_2.5 | * |
| Red Hat JBoss Enterprise Application Platform 5.1 | RedHat | * | |
| Red Hat JBoss Enterprise Application Platform 6.0 | RedHat | * | |
| Red Hat JBoss Web Server 1.0 | RedHat | * | |
| Openssl | Ubuntu | devel | * |
| Openssl | Ubuntu | esm-infra-legacy/trusty | * |
| Openssl | Ubuntu | hardy | * |
| Openssl | Ubuntu | lucid | * |
| Openssl | Ubuntu | natty | * |
| Openssl | Ubuntu | oneiric | * |
| Openssl | Ubuntu | precise | * |
| Openssl | Ubuntu | quantal | * |
| Openssl | Ubuntu | raring | * |
| Openssl | Ubuntu | saucy | * |
| Openssl | Ubuntu | trusty | * |
| Openssl | Ubuntu | trusty/esm | * |
| Openssl | Ubuntu | upstream | * |
| Openssl098 | Ubuntu | devel | * |
| Openssl098 | Ubuntu | oneiric | * |
| Openssl098 | Ubuntu | precise | * |
| Openssl098 | Ubuntu | quantal | * |
| Openssl098 | Ubuntu | raring | * |
| Openssl098 | Ubuntu | saucy | * |
| Openssl098 | Ubuntu | trusty | * |
References
- http://cvs.openssl.org/chngview?cn=22538
- http://cvs.openssl.org/chngview?cn=22547
- http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html
- http://marc.info/?l=bugtraq\u0026m=134919053717161\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2
- http://rhn.redhat.com/errata/RHSA-2012-0699.html
- http://rhn.redhat.com/errata/RHSA-2012-1306.html
- http://rhn.redhat.com/errata/RHSA-2012-1307.html
- http://rhn.redhat.com/errata/RHSA-2012-1308.html
- http://secunia.com/advisories/49116
- http://secunia.com/advisories/49208
- http://secunia.com/advisories/49324
- http://secunia.com/advisories/50768
- http://secunia.com/advisories/51312
- http://support.apple.com/kb/HT5784
- http://www.cert.fi/en/reports/2012/vulnerability641549.html
- http://www.debian.org/security/2012/dsa-2475
- http://www.kb.cert.org/vuls/id/737740
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:073
- http://www.openssl.org/news/secadv_20120510.txt
- http://www.securityfocus.com/bid/53476
- http://www.securitytracker.com/id?1027057
- https://bugzilla.redhat.com/show_bug.cgi?id=820686
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75525
- http://cvs.openssl.org/chngview?cn=22538
- http://cvs.openssl.org/chngview?cn=22547
- http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081460.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00019.html
- http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00020.html
- http://marc.info/?l=bugtraq\u0026m=134919053717161\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=136432043316835\u0026w=2
- http://rhn.redhat.com/errata/RHSA-2012-0699.html
- http://rhn.redhat.com/errata/RHSA-2012-1306.html
- http://rhn.redhat.com/errata/RHSA-2012-1307.html
- http://rhn.redhat.com/errata/RHSA-2012-1308.html
- http://secunia.com/advisories/49116
- http://secunia.com/advisories/49208
- http://secunia.com/advisories/49324
- http://secunia.com/advisories/50768
- http://secunia.com/advisories/51312
- http://support.apple.com/kb/HT5784
- http://www.cert.fi/en/reports/2012/vulnerability641549.html
- http://www.debian.org/security/2012/dsa-2475
- http://www.kb.cert.org/vuls/id/737740
- http://www.mandriva.com/security/advisories?name=MDVSA-2012:073
- http://www.openssl.org/news/secadv_20120510.txt
- http://www.securityfocus.com/bid/53476
- http://www.securitytracker.com/id?1027057
- https://bugzilla.redhat.com/show_bug.cgi?id=820686
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75525