File polarssl-CVE-2015-1182.patch of Package polarssl
Description: Remote attack using crafted certificates During the parsing of a ASN.1 sequence, a pointer in the linked list of asn1_sequence is not initialized by asn1_get_sequence_of(). In case an error occurs during parsing of the list, a situation is created where the uninitialized pointer is passed to polarssl_free(). . This sequence can be triggered when a PolarSSL entity is parsing a certificate. So practically this means clients when receiving a certificate from the server or servers in case they are actively asking for a client certificate. . Depending on the attackers knowledge of the system under attack, this results at the lowest into a denial of service, and at the most a possible remote code execution. . CVE-2015-1182 Origin: upstream, https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04 Bug-Debian: https://bugs.debian.org/775776 Forwarded: not-needed Author: Salvatore Bonaccorso <carnil@debian.org> Last-Update: 2015-01-21 Index: library/asn1parse.c =================================================================== --- library/asn1parse.c.orig +++ library/asn1parse.c @@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char if( cur->next == NULL ) return( POLARSSL_ERR_ASN1_MALLOC_FAILED ); + memset( cur->next, 0, sizeof( asn1_sequence ) ); + cur = cur->next; } }
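Review bot: placing the memset after the NULL check and before `cur = cur->next;` is the right spot, since every later early return from the loop then leaves a freshly allocated node whose `next` is NULL rather than allocator garbage, but the hunk only zeroes nodes that asn1_get_sequence_of() allocates itself; the list head that `cur` starts from is outside this hunk and is not touched, so the Description should say whether the callers it mentions (certificate parsing on client and server) are expected to hand in a zero-initialised first element, because a parse failure on the very first element would otherwise leave the same uninitialised `next` for the error path to free. A smaller style point: the second added line is an empty `+` line, which is fine, but the hunk as rendered here runs it together with ` cur = cur->next;`, so anyone applying this from the page rather than from the file should take the patch file itself.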
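The Description above explains the bug in prose: a list node is allocated during sequence parsing, its `next` pointer is never set, parsing then fails on a later element, and the caller's cleanup walks the list and hands that garbage pointer to free. The following C program is an added example that reproduces that shape in miniature; it is not PolarSSL's code, and the names `seq_node`, `parse_sequence_of`, `poison_malloc`, `free_sequence`, `tail_is_terminated` and `parse_valid_count` are assumptions, as is the simplified TLV encoding (one tag byte, one length byte, value) used instead of real DER. The allocator deliberately fills new memory with 0xA5 so the uninitialised pointer is visible deterministically instead of depending on what malloc happens to return; the unpatched and patched behaviour are selected by a flag so the two can be compared on the same constructed input.

```c
#include <stdlib.h>
#include <string.h>

/* Stand-in for polarssl's asn1_sequence (hypothetical name). */
typedef struct seq_node {
    unsigned char tag;
    size_t len;
    const unsigned char *p;
    struct seq_node *next;
} seq_node;

#define ERR_OUT_OF_DATA    (-1)
#define ERR_UNEXPECTED_TAG (-2)
#define ERR_MALLOC_FAILED  (-3)

/* malloc() that fills fresh memory with 0xA5; a real allocator may hand back
 * zeroed pages and hide the bug, this makes the garbage deterministic. */
static void *poison_malloc(size_t n)
{
    void *m = malloc(n);
    if (m != NULL)
        memset(m, 0xA5, n);
    return m;
}

/* Parse a run of simplified TLVs (1-byte tag, 1-byte length, value) from *p
 * to end into the list rooted at head; every element must carry want_tag.
 * Shaped like asn1_get_sequence_of(): a node is allocated only when more
 * data follows. patched == 0 is the pre-fix code, 1 adds the memset. */
static int parse_sequence_of(const unsigned char **p, const unsigned char *end,
                             seq_node *head, unsigned char want_tag, int patched)
{
    seq_node *cur = head;

    while (*p < end) {
        if (end - *p < 2)
            return ERR_OUT_OF_DATA;
        cur->tag = (*p)[0];
        cur->len = (*p)[1];
        if (cur->tag != want_tag)
            return ERR_UNEXPECTED_TAG;   /* early return: cur->next never assigned */
        if ((size_t)(end - *p - 2) < cur->len)
            return ERR_OUT_OF_DATA;
        cur->p = *p + 2;
        *p += 2 + cur->len;

        if (*p < end) {
            cur->next = poison_malloc(sizeof(seq_node));
            if (cur->next == NULL)
                return ERR_MALLOC_FAILED;
            if (patched)
                memset(cur->next, 0, sizeof(seq_node));  /* the CVE-2015-1182 fix */
            cur = cur->next;
        }
    }
    cur->next = NULL;   /* only reached when the whole input parsed cleanly */
    return 0;
}

/* Caller-side cleanup of the kind the advisory describes: walk the next
 * pointers and free each heap node. Safe only if every next is NULL or valid. */
static void free_sequence(seq_node *head)
{
    seq_node *n = head->next;
    while (n != NULL) {
        seq_node *nxt = n->next;
        free(n);
        n = nxt;
    }
    head->next = NULL;
}

/* Constructed input: one good element, then one with the wrong tag (0x05 not
 * 0x04), so parsing fails right after the second node was allocated. Returns
 * 1 if that node's next is all-zero bytes (cleanup could walk the list), 0 if
 * it still holds 0xA5 garbage. The field is compared byte-wise so no
 * uninitialised pointer is ever loaded or dereferenced. */
static int tail_is_terminated(int patched)
{
    static const unsigned char input[] = { 0x04, 0x01, 0xAA, 0x05, 0x01, 0xBB };
    static const unsigned char zeros[sizeof(seq_node *)] = { 0 };
    const unsigned char *p = input;
    seq_node head;
    int terminated;

    memset(&head, 0, sizeof(head));   /* caller zeroes the head it owns */
    if (parse_sequence_of(&p, input + sizeof(input), &head, 0x04, patched)
            != ERR_UNEXPECTED_TAG || head.next == NULL)
        return -1;                    /* not the scenario this test builds */
    terminated = memcmp(&head.next->next, zeros, sizeof(zeros)) == 0;
    free(head.next);                  /* free only the node known to exist */
    return terminated;
}

/* Happy path through the patched parser: three elements, counted then freed. */
static size_t parse_valid_count(void)
{
    static const unsigned char input[] = { 0x04, 0x01, 0xAA,
                                           0x04, 0x02, 0xBB, 0xCC,
                                           0x04, 0x00 };
    const unsigned char *p = input;
    seq_node head, *c;
    size_t n = 0;

    memset(&head, 0, sizeof(head));
    if (parse_sequence_of(&p, input + sizeof(input), &head, 0x04, 1) != 0)
        return 0;
    for (c = &head; c != NULL; c = c->next)
        n++;
    free_sequence(&head);
    return n;
}
```

With the unpatched flag, `tail_is_terminated(0)` finds 0xA5 bytes in the orphaned node's `next`, which is exactly the pointer a `free_sequence()` style cleanup would pass to free; with the patched flag the same input leaves a NULL there and the walk stops. Note that the example still zeroes the head on the caller side, mirroring the fact that the patch only covers nodes the parser allocates itself.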