Oval Definition:oval:org.opensuse.security:def:20166309
Revision Date:2022-05-20Version:1
Title:CVE-2016-6309
Description:

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2016-6309
SUSE CVE-2016-6309
Platform(s):SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND openssl is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND openssl is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • OR SUSE Linux Enterprise Server 12 SP1 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND openssl is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND
  • libopenssl-devel is not affected
  • OR libopenssl1_0_0 is not affected
  • OR libopenssl1_0_0-32bit is not affected
  • OR libopenssl1_0_0-hmac is not affected
  • OR libopenssl1_0_0-hmac-32bit is not affected
  • OR openssl is not affected
  • OR openssl-doc is not affected
  • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND openssl is not affected
  • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND openssl is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND
  • libopenssl-devel is not affected
  • OR libopenssl1_0_0 is not affected
  • OR libopenssl1_0_0-32bit is not affected
  • OR libopenssl1_0_0-hmac is not affected
  • OR libopenssl1_0_0-hmac-32bit is not affected
  • OR openssl is not affected
  • OR openssl-doc is not affected
  • BACK