rpm package
suse/openssl&distro=SUSE Linux Enterprise Software Development Kit 12 SP2
pkg:rpm/suse/openssl&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-0739 | — | < 1.0.2j-60.24.1 | 1.0.2j-60.24.1 | Mar 27, 2018 | Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from u | ||
| CVE-2017-3738 | Med | 5.9 | < 1.0.2j-60.20.2 | 1.0.2j-60.20.2 | Dec 7, 2017 | There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believ | |
| CVE-2017-3737 | Med | 5.9 | < 1.0.2j-60.20.2 | 1.0.2j-60.20.2 | Dec 7, 2017 | OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as d | |
| CVE-2017-3736 | Med | 6.5 | < 1.0.2j-60.16.1 | 1.0.2j-60.16.1 | Nov 2, 2017 | There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are n | |
| CVE-2017-3735 | Med | 5.3 | < 1.0.2j-60.16.1 | 1.0.2j-60.16.1 | Aug 28, 2017 | While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g | |
| CVE-2016-7055 | Med | 5.9 | < 1.0.2j-59.1 | 1.0.2j-59.1 | May 4, 2017 | There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impos | |
| CVE-2017-3732 | Med | 5.9 | < 1.0.2j-59.1 | 1.0.2j-59.1 | May 4, 2017 | There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and | |
| CVE-2017-3731 | Hig | 7.5 | < 1.0.2j-59.1 | 1.0.2j-59.1 | May 4, 2017 | If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA |
- CVE-2018-0739Mar 27, 2018affected < 1.0.2j-60.24.1fixed 1.0.2j-60.24.1
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from u
- affected < 1.0.2j-60.20.2fixed 1.0.2j-60.20.2
There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believ
- affected < 1.0.2j-60.20.2fixed 1.0.2j-60.20.2
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as d
- affected < 1.0.2j-60.16.1fixed 1.0.2j-60.16.1
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are n
- affected < 1.0.2j-60.16.1fixed 1.0.2j-60.16.1
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g
- affected < 1.0.2j-59.1fixed 1.0.2j-59.1
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impos
- affected < 1.0.2j-59.1fixed 1.0.2j-59.1
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and
- affected < 1.0.2j-59.1fixed 1.0.2j-59.1
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA