Oval Definition:oval:org.opensuse.security:def:20148176
Revision Date:2022-06-30Version:1
Title:CVE-2014-8176
Description:

The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows remote DTLS peers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unexpected application data.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-8176
Mitre CVE-2014-8176
SUSE CVE-2014-8176
openSUSE-SU-2015:1277-1
openSUSE-SU-2015:1277-1
SUSE-SU-2015:1185-1
SUSE-SU-2015:1185-1
TID7016539
TID7016602
Platform(s):openSUSE 13.2
openSUSE Tumbleweed
SUSE Linux Enterprise Security Module 11 SP3
SUSE Linux Enterprise Server 11-SECURITY
SUSE Linux Enterprise Server for SAP Applications 11-SECURITY
Product(s):
Definition Synopsis
  • openSUSE 13.2 is installed
  • AND Package Information
  • libcrypto34-2.2.1-2.3.1 is installed
  • OR libcrypto34-32bit-2.2.1-2.3.1 is installed
  • OR libressl-2.2.1-2.3.1 is installed
  • OR libressl-devel-2.2.1-2.3.1 is installed
  • OR libressl-devel-32bit-2.2.1-2.3.1 is installed
  • OR libressl-devel-doc-2.2.1-2.3.1 is installed
  • OR libssl33-2.2.1-2.3.1 is installed
  • OR libssl33-32bit-2.2.1-2.3.1 is installed
  • OR libtls4-2.2.1-2.3.1 is installed
  • OR libtls4-32bit-2.2.1-2.3.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11-SECURITY is installed
  • AND Package Information
  • libopenssl1-devel-1.0.1g-0.30.1 is installed
  • OR libopenssl1_0_0-1.0.1g-0.30.1 is installed
  • OR libopenssl1_0_0-32bit-1.0.1g-0.30.1 is installed
  • OR libopenssl1_0_0-x86-1.0.1g-0.30.1 is installed
  • OR openssl1-1.0.1g-0.30.1 is installed
  • OR openssl1-doc-1.0.1g-0.30.1 is installed
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11-SECURITY is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11-SECURITY is installed
  • AND Package Information
  • libopenssl1-devel-1.0.1g-0.30 is installed
  • OR libopenssl1_0_0-1.0.1g-0.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.1g-0.30 is installed
  • OR libopenssl1_0_0-x86-1.0.1g-0.30 is installed
  • OR openssl1-1.0.1g-0.30 is installed
  • OR openssl1-doc-1.0.1g-0.30 is installed
  • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libcrypto38-2.5.0-1.1 is installed
  • OR libcrypto38-32bit-2.5.0-1.1 is installed
  • OR libressl-2.5.0-1.1 is installed
  • OR libressl-devel-2.5.0-1.1 is installed
  • OR libressl-devel-32bit-2.5.0-1.1 is installed
  • OR libressl-devel-doc-2.5.0-1.1 is installed
  • OR libssl39-2.5.0-1.1 is installed
  • OR libssl39-32bit-2.5.0-1.1 is installed
  • OR libtls11-2.5.0-1.1 is installed
  • OR libtls11-32bit-2.5.0-1.1 is installed
  • BACK