CVE-2015-3216 in OpenSSLinformazioni

Riassunto

di MITRE

Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

10/04/2015

Divulgazione

07/07/2015

Moderazione

accettato

CPE

pronto

EPSS

0.04302

KEV

no

Attività

molto basso

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!