Unrated severityNVD Advisory· Published Jul 7, 2015· Updated Jun 17, 2026
CVE-2015-3216
CVE-2015-3216
Description
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
35- cpe:2.3:a:openssl:openssl:1.0.1e-25.el7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- osv-coords32 versionspkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/compat-openssl098&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2012pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/libqt4-devel-doc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/libqt4&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012pkg:rpm/suse/libqt4-sql-plugins&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 0.9.8j-78.1+ 31 more
- (no CPE)range: < 0.9.8j-78.1
- (no CPE)range: < 0.9.8j-78.1
- (no CPE)range: < 4.8.6-7.3
- (no CPE)range: < 4.8.6-7.3
- (no CPE)range: < 4.8.6-7.3
- (no CPE)range: < 4.8.6-7.3
- (no CPE)range: < 4.8.6-7.3
- (no CPE)range: < 4.8.6-7.3
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 4.8.6-7.1
- (no CPE)range: < 1.0.1i-25.1
- (no CPE)range: < 1.0.1i-25.1
- (no CPE)range: < 1.0.1i-25.1
- (no CPE)range: < 1.0.1i-25.1
Patches
Vulnerability mechanics
References
10- lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1115.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-2957.htmlnvd
- www.securityfocus.com/bid/75219nvd
- www.securitytracker.com/id/1032587nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.