Описание
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
EPSS
5.9 Medium
CVSS3
7.1 High
CVSS2
Дефекты
Связанные уязвимости
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 befor ...
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
Уязвимость компонента statem/statem_dtls.c библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
5.9 Medium
CVSS3
7.1 High
CVSS2