Launchpad.net

CVE 2014-0198

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.

Related bugs and status

CVE-2014-0198 (Candidate) is related to these bugs:

Bug #1425171: Upgrade OpenSSL packages

		In	Importance	Status
1425171	Upgrade OpenSSL packages	Mirantis OpenStack	Undecided	Opinion
1425171	Upgrade OpenSSL packages	Mirantis OpenStack 5.1.x	Undecided	Opinion
1425171	Upgrade OpenSSL packages	Mirantis OpenStack 6.0.x	Undecided	Opinion

Bug #1811531: remote execution vulnerability

		In	Importance	Status
1811531	remote execution vulnerability	zeromq3 (Ubuntu)	Undecided	Fix Released
1811531	remote execution vulnerability	zeromq3 (Debian)	Unknown	Fix Released
1811531	remote execution vulnerability	zeromq (Suse)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
OPENBSD: [5.5] 005: RELIABILITY...
DEBIAN: DSA-2931
SUSE: openSUSE-SU-2014:0634
SUSE: openSUSE-SU-2014:0635
CONFIRM: http://www.openssl.org...
CISCO: 20140605 Multiple Vuln...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www.blackberry....
CONFIRM: http://www.huawei.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
SECUNIA: 58939
SECUNIA: 59126
SECUNIA: 59162
SECUNIA: 59300
SECUNIA: 59438
SECUNIA: 59450
SECUNIA: 59491
SECUNIA: 59514
SECUNIA: 59490
SECUNIA: 59655
SECUNIA: 59721
SECUNIA: 59413
SECUNIA: 59669
SECUNIA: 59301
SECUNIA: 59666
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.fortiguard....
SECUNIA: 59342
SECUNIA: 60049
CONFIRM: http://puppetlabs.com/...
SECUNIA: 60066
SECUNIA: 59784
SECUNIA: 59990
SECUNIA: 60571
FULLDISC: 20141205 NEW: VMSA-201...
CONFIRM: http://www.vmware.com/...
CONFIRM: http://www.oracle.com/...
MANDRIVA: MDVSA-2015:062
CONFIRM: https://h20566.www2.hp...
SUSE: SUSE-SU-2015:0743
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://advisories.mage...
CONFIRM: http://aix.software.ib...
CONFIRM: http://support.citrix....
CONFIRM: http://support.f5.com/...
CONFIRM: http://www.ibm.com/sup...
CONFIRM: http://www.ibm.com/sup...
CONFIRM: http://www.vmware.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: http://www-01.ibm.com/...
CONFIRM: https://www.novell.com...
CONFIRM: http://www-947.ibm.com...
CONFIRM: http://www-947.ibm.com...
CONFIRM: http://www-947.ibm.com...
CONFIRM: http://www-947.ibm.com...
CONFIRM: http://www-01.ibm.com/...
FEDORA: FEDORA-2014-9301
FEDORA: FEDORA-2014-9308
GENTOO: GLSA-201407-05
MANDRIVA: MDVSA-2014:080
BID: 67193
SECUNIA: 61254
SECUNIA: 58667
SECUNIA: 58714
SECUNIA: 59190
SECUNIA: 59202
SECUNIA: 59282
SECUNIA: 59284
SECUNIA: 59398
SECUNIA: 59437
SECUNIA: 59163
SECUNIA: 59264
SECUNIA: 59287
SECUNIA: 59306
SECUNIA: 59310
SECUNIA: 59374
SECUNIA: 59440
SECUNIA: 59449
SECUNIA: 58337
SECUNIA: 58713
SECUNIA: 58945
SECUNIA: 58977
SECUNIA: 59525
SECUNIA: 59529
CONFIRM: https://rt.openssl.org...
CONFIRM: https://kb.bluecoat.co...
CONFIRM: https://kc.mcafee.com/...
CONFIRM: http://kb.juniper.net/...
CONFIRM: http://kb.juniper.net/...
HP: HPSBGN03068
HP: HPSBHF03052
HP: HPSBMU03051
HP: HPSBMU03055
HP: HPSBMU03056
HP: HPSBMU03057
HP: HPSBMU03062
HP: HPSBMU03074
HP: HPSBMU03076
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.oracle.com/...
BUGTRAQ: 20141205 NEW: VMSA-201...
CONFIRM: https://cert-portal.si...