openssl -- multiple vulnerabilities
- ChaCha20/Poly1305 heap-buffer-overflow (CVE-2016-7054)
TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS
attack by corrupting larger payloads. This can result in an OpenSSL crash. This
issue is not considered to be exploitable beyond a DoS.
- CMS Null dereference (CVE-2016-7053)
Applications parsing invalid CMS structures can crash with a NULL pointer
dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type
in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure
callback if an attempt is made to free certain invalid encodings. Only CHOICE
structures using a callback which do not handle NULL value are affected.
- Montgomery multiplication may produce incorrect results (CVE-2016-7055)i
There is a carry propagating bug in the Broadwell-specific Montgomery
multiplication procedure that handles input lengths divisible by, but
longer than 256 bits.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright