Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the w...

Уязвимость реализации алгоритма POLY1305 MAC криптографической библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании

Security update for openssl

Security update for openssl1

Security update for compat-openssl098

Security update for openssl-1_1

Security update for openssl-1_1

Security update for openssl-1_0_0

Security update for openssl-3

Security update for openssl-1_0_0

Security update for openssl-1_1

Security update for openssl-1_1

Null pointer dereference in PKCS12 parsing

Уязвимость функций PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() и PKCS12_newpass() библиотеки OpenSSL, позволяющая нарушителю вызвать отказ в обслуживании

Security update for ovmf

Уязвимость openssl3