OpenSSL remote denial of service vulnerability
Server or client applications that call the SSL_check_chain()
function during or after a TLS 1.3 handshake may crash due to a NULL
pointer dereference as a result of incorrect handling of the
"signature_algorithms_cert" TLS extension. The crash occurs if an
invalid or unrecognized signature algorithm is received from the
A malicious peer could exploit the NULL pointer dereference crash,
causing a denial of service attack.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright