CVE-2015-3216 in OpenSSLthông tin

Tóm tắt

Bởi MITRE

Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Đặt trước

10/04/2015

Tiết lộ

07/07/2015

Kiểm duyệt

được chấp nhận

mục

VDB-75951

EPSS

0.04302

KEV

không

Các hoạt động

rất thấp

Nguồn

Want to stay up to date on a daily basis?

Enable the mail alert feature now!