Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mysql | Oracle | 5.6.0 (including) | 5.6.29 (including) |
| Mysql | Oracle | 5.7.0 (including) | 5.7.11 (including) |
| Red Hat Enterprise Linux 6 | RedHat | openssl-0:1.0.1e-42.el6_7.4 | * |
| Red Hat Enterprise Linux 6 Supplementary | RedHat | java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10 | * |
| Red Hat Enterprise Linux 7 | RedHat | openssl-1:1.0.1e-51.el7_2.4 | * |
| Red Hat Enterprise Linux 7 Supplementary | RedHat | java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7 | * |
| Red Hat JBoss Core Services 1 | RedHat | * | |
| Red Hat Satellite 5.8 | RedHat | java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10 | * |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | RedHat | rhev-hypervisor7-0:7.2-20160302.1.el6ev | * |
| RHEV 3.X Hypervisor and Agents for RHEL-7 | RedHat | rhev-hypervisor7-0:7.2-20160302.1.el7ev | * |
| Openssl | Ubuntu | devel | * |
| Openssl | Ubuntu | precise | * |
| Openssl | Ubuntu | trusty | * |
| Openssl | Ubuntu | upstream | * |
| Openssl | Ubuntu | vivid/stable-phone-overlay | * |
| Openssl | Ubuntu | vivid/ubuntu-core | * |
| Openssl | Ubuntu | wily | * |
| Openssl | Ubuntu | xenial | * |
| Openssl098 | Ubuntu | upstream | * |