Advisories ยป MGASA-2015-0466

Updated openssl packages fix security vulnerability

Publication date: 05 Dec 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-1794 , CVE-2015-3194 , CVE-2015-3195 , CVE-2015-3196


If a client receives a ServerKeyExchange for an anonymous DH ciphersuite
with the value of p set to 0 then a seg fault can occur leading to a
possible denial of service attack (CVE-2015-1794).

Loic Jonas Etienne of Qnective AG discovered that the signature
verification routines will crash with a NULL pointer dereference if
presented with an ASN.1 signature using the RSA PSS algorithm and absent
mask generation function parameter. A remote attacker can exploit this
flaw to crash any certificate verification operation and mount a denial of
service attack (CVE-2015-3194).

Adam Langley of Google/BoringSSL discovered that OpenSSL will leak memory
when presented with a malformed X509_ATTRIBUTE structure (CVE-2015-3195).

A race condition flaw in the handling of PSK identify hints was
discovered, potentially leading to a double free of the identify hint data