crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function parameter.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openssl | Openssl | 1.0.1 (including) | 1.0.1 (including) |
| Openssl | Openssl | 1.0.1a (including) | 1.0.1a (including) |
| Openssl | Openssl | 1.0.1b (including) | 1.0.1b (including) |
| Openssl | Openssl | 1.0.1c (including) | 1.0.1c (including) |
| Openssl | Openssl | 1.0.1d (including) | 1.0.1d (including) |
| Openssl | Openssl | 1.0.1e (including) | 1.0.1e (including) |
| Openssl | Openssl | 1.0.1f (including) | 1.0.1f (including) |
| Openssl | Openssl | 1.0.1g (including) | 1.0.1g (including) |
| Openssl | Openssl | 1.0.1h (including) | 1.0.1h (including) |
| Openssl | Openssl | 1.0.1i (including) | 1.0.1i (including) |
| Openssl | Openssl | 1.0.1j (including) | 1.0.1j (including) |
| Openssl | Openssl | 1.0.1k (including) | 1.0.1k (including) |
| Openssl | Openssl | 1.0.1l (including) | 1.0.1l (including) |
| Openssl | Openssl | 1.0.1m (including) | 1.0.1m (including) |
| Openssl | Openssl | 1.0.1n (including) | 1.0.1n (including) |
| Openssl | Openssl | 1.0.1o (including) | 1.0.1o (including) |
| Openssl | Openssl | 1.0.1p (including) | 1.0.1p (including) |
| Openssl | Openssl | 1.0.2 (including) | 1.0.2 (including) |
| Openssl | Openssl | 1.0.2a (including) | 1.0.2a (including) |
| Openssl | Openssl | 1.0.2b (including) | 1.0.2b (including) |
| Openssl | Openssl | 1.0.2c (including) | 1.0.2c (including) |
| Openssl | Openssl | 1.0.2d (including) | 1.0.2d (including) |