// For flags

CVE-2014-0198

openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.

La función do_ssl3_write en s3_pkt.c en OpenSSL 1.x hasta 1.0.1g, cuando SSL_MODE_RELEASE_BUFFERS está habilitado, no maneja debidamente un puntero de buffer durante ciertas llamadas recursivas, lo que permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y caída de aplicación) a través de vectores que provocan una condición de alerta.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-03 CVE Reserved
  • 2014-05-05 CVE Published
  • 2024-05-04 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-476: NULL Pointer Dereference
CAPEC
References (113)
URL Tag Source
http://advisories.mageia.org/MGASA-2014-0204.html Third Party Advisory
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629 Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195 Third Party Advisory
http://puppetlabs.com/security/cve/cve-2014-0198 Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23 Mailing List
http://secunia.com/advisories/58337 Not Applicable
http://secunia.com/advisories/58667 Not Applicable
http://secunia.com/advisories/58713 Not Applicable
http://secunia.com/advisories/58714 Not Applicable
http://secunia.com/advisories/58939 Not Applicable
http://secunia.com/advisories/58945 Not Applicable
http://secunia.com/advisories/58977 Not Applicable
http://secunia.com/advisories/59126 Not Applicable
http://secunia.com/advisories/59162 Not Applicable
http://secunia.com/advisories/59163 Not Applicable
http://secunia.com/advisories/59190 Not Applicable
http://secunia.com/advisories/59202 Not Applicable
http://secunia.com/advisories/59264 Not Applicable
http://secunia.com/advisories/59282 Not Applicable
http://secunia.com/advisories/59284 Not Applicable
http://secunia.com/advisories/59287 Not Applicable
http://secunia.com/advisories/59300 Not Applicable
http://secunia.com/advisories/59301 Not Applicable
http://secunia.com/advisories/59306 Not Applicable
http://secunia.com/advisories/59310 Not Applicable
http://secunia.com/advisories/59342 Not Applicable
http://secunia.com/advisories/59374 Not Applicable
http://secunia.com/advisories/59398 Not Applicable
http://secunia.com/advisories/59413 Not Applicable
http://secunia.com/advisories/59437 Not Applicable
http://secunia.com/advisories/59438 Not Applicable
http://secunia.com/advisories/59440 Not Applicable
http://secunia.com/advisories/59449 Not Applicable
http://secunia.com/advisories/59450 Not Applicable
http://secunia.com/advisories/59490 Not Applicable
http://secunia.com/advisories/59491 Not Applicable
http://secunia.com/advisories/59514 Not Applicable
http://secunia.com/advisories/59525 Not Applicable
http://secunia.com/advisories/59529 Not Applicable
http://secunia.com/advisories/59655 Not Applicable
http://secunia.com/advisories/59666 Not Applicable
http://secunia.com/advisories/59669 Not Applicable
http://secunia.com/advisories/59721 Not Applicable
http://secunia.com/advisories/59784 Not Applicable
http://secunia.com/advisories/59990 Not Applicable
http://secunia.com/advisories/60049 Not Applicable
http://secunia.com/advisories/60066 Not Applicable
http://secunia.com/advisories/60571 Not Applicable
http://secunia.com/advisories/61254 Not Applicable
http://support.citrix.com/article/CTX140876 Third Party Advisory
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21673137 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676035 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676062 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676419 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676529 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676655 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676879 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21676889 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21677527 Broken Link
http://www-01.ibm.com/support/docview.wss?uid=swg21677695 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677828 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21677836 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21678167 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21683332 Third Party Advisory
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757 Broken Link
http://www.blackberry.com/btsc/KB36051 Third Party Advisory
http://www.fortiguard.com/advisory/FG-IR-14-018 Third Party Advisory
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg21676356 Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg24037783 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html Third Party Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded Mailing List
http://www.securityfocus.com/bid/67193 Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0006.html Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0012.html Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946 Third Party Advisory
https://kb.bluecoat.com/index?page=content&id=SA80 Broken Link
https://kc.mcafee.com/corporate/index?page=content&id=SB10075 Broken Link
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321 Broken Link
https://www.novell.com/support/kb/doc.php?id=7015271 Third Party Advisory
URL Date SRC
URL Date SRC
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html 2022-08-29
https://bugzilla.redhat.com/show_bug.cgi?id=1093837 2014-06-10
URL Date SRC
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html 2022-08-29
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html 2022-08-29
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html 2022-08-29
http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html 2022-08-29
http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html 2022-08-29
http://marc.info/?l=bugtraq&m=140389274407904&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=140389355508263&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=140431828824371&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=140448122410568&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=140544599631400&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=140621259019789&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=140752315422991&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=140904544427729&w=2 2022-08-29
http://marc.info/?l=bugtraq&m=141658880509699&w=2 2022-08-29
http://security.gentoo.org/glsa/glsa-201407-05.xml 2022-08-29
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl 2022-08-29
http://www.debian.org/security/2014/dsa-2931 2022-08-29
http://www.mandriva.com/security/advisories?name=MDVSA-2014:080 2022-08-29
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062 2022-08-29
http://www.openbsd.org/errata55.html#005_openssl 2022-08-29
http://www.openssl.org/news/secadv_20140605.txt 2022-08-29
https://access.redhat.com/security/cve/CVE-2014-0198 2014-06-10
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 >= 1.0.0 <= 1.0.1g
Search vendor "Openssl" for product "Openssl" and version " >= 1.0.0 <= 1.0.1g"
-
Affected
Mariadb
Search vendor "Mariadb"
 Mariadb
Search vendor "Mariadb" for product "Mariadb"
 >= 10.0.0 < 10.0.13
Search vendor "Mariadb" for product "Mariadb" and version " >= 10.0.0 < 10.0.13"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 19
Search vendor "Fedoraproject" for product "Fedora" and version "19"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
 Fedora
Search vendor "Fedoraproject" for product "Fedora"
 20
Search vendor "Fedoraproject" for product "Fedora" and version "20"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 6.0
Search vendor "Debian" for product "Debian Linux" and version "6.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 7.0
Search vendor "Debian" for product "Debian Linux" and version "7.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 8.0
Search vendor "Debian" for product "Debian Linux" and version "8.0"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 12.3
Search vendor "Opensuse" for product "Opensuse" and version "12.3"
-
Affected
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 13.1
Search vendor "Opensuse" for product "Opensuse" and version "13.1"
-
Affected
Suse
Search vendor "Suse"
 Linux Enterprise Desktop
Search vendor "Suse" for product "Linux Enterprise Desktop"
 12
Search vendor "Suse" for product "Linux Enterprise Desktop" and version "12"
-
Affected
Suse
Search vendor "Suse"
 Linux Enterprise Server
Search vendor "Suse" for product "Linux Enterprise Server"
 12
Search vendor "Suse" for product "Linux Enterprise Server" and version "12"
-
Affected
Suse
Search vendor "Suse"
 Linux Enterprise Software Development Kit
Search vendor "Suse" for product "Linux Enterprise Software Development Kit"
 12
Search vendor "Suse" for product "Linux Enterprise Software Development Kit" and version "12"
-
Affected
Suse
Search vendor "Suse"
 Linux Enterprise Workstation Extension
Search vendor "Suse" for product "Linux Enterprise Workstation Extension"
 12
Search vendor "Suse" for product "Linux Enterprise Workstation Extension" and version "12"
-
Affected