CVE-2014-3513

openssl: SRTP memory leak causes crash when using specially-crafted handshake message

Severity Score

7.1

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.

Fuga de memoria en d1_srtp.c en la extensión DTLS SRTP en OpenSSL 1.0.1 anterior a 1.0.1j permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de un mensaje de negociación manipulado.

A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-05-14 CVE Reserved
2014-10-15 CVE Published
2024-08-06 CVE Updated
2024-08-31 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation
CWE-401: Missing Release of Memory after Effective Lifetime

CAPEC

References (44)

URL	Tag	Source
http://advisories.mageia.org/MGASA-2014-0416.html	X_refsource_confirm
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc	X_refsource_confirm
http://secunia.com/advisories/59627	Third Party Advisory
http://secunia.com/advisories/61058	Third Party Advisory
http://secunia.com/advisories/61073	Third Party Advisory
http://secunia.com/advisories/61207	Third Party Advisory
http://secunia.com/advisories/61298	Third Party Advisory
http://secunia.com/advisories/61439	Third Party Advisory
http://secunia.com/advisories/61837	Third Party Advisory
http://secunia.com/advisories/61959	Third Party Advisory
http://secunia.com/advisories/61990	Third Party Advisory
http://secunia.com/advisories/62070	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21686997	X_refsource_confirm
http://www.securityfocus.com/bid/70584	Vdb Entry
http://www.securitytracker.com/id/1031052	Vdb Entry
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6	X_refsource_confirm
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2b0532f3984324ebe1236a63d15893792384328d	X_refsource_confirm
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888	X_refsource_confirm
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380	X_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10091	X_refsource_confirm
https://support.apple.com/HT205217	X_refsource_confirm
https://support.f5.com/kb/en-us/solutions/public/15000/700/sol15722.html	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC
http://marc.info/?l=bugtraq&m=142495837901899&w=2	2023-11-07
http://security.gentoo.org/glsa/glsa-201412-39.xml	2023-11-07

URL	Date	SRC
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc	2023-11-07
http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html	2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html	2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html	2023-11-07
http://marc.info/?l=bugtraq&m=142118135300698&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=142624590206005&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=142791032306609&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=142804214608580&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=142834685803386&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=143290437727362&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=143290522027658&w=2	2023-11-07
http://marc.info/?l=bugtraq&m=143290583027876&w=2	2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-1652.html	2023-11-07
http://rhn.redhat.com/errata/RHSA-2014-1692.html	2023-11-07
http://www.debian.org/security/2014/dsa-3053	2023-11-07
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	2023-11-07
http://www.ubuntu.com/usn/USN-2385-1	2023-11-07
https://www.openssl.org/news/secadv_20141015.txt	2023-11-07
https://access.redhat.com/security/cve/CVE-2014-3513	2014-10-22
https://bugzilla.redhat.com/show_bug.cgi?id=1152953	2014-10-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta1		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta2		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1 Search vendor "Openssl" for product "Openssl" and version "1.0.1"		beta3		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1a Search vendor "Openssl" for product "Openssl" and version "1.0.1a"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1b Search vendor "Openssl" for product "Openssl" and version "1.0.1b"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1c Search vendor "Openssl" for product "Openssl" and version "1.0.1c"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1d Search vendor "Openssl" for product "Openssl" and version "1.0.1d"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1e Search vendor "Openssl" for product "Openssl" and version "1.0.1e"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1f Search vendor "Openssl" for product "Openssl" and version "1.0.1f"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1g Search vendor "Openssl" for product "Openssl" and version "1.0.1g"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1h Search vendor "Openssl" for product "Openssl" and version "1.0.1h"		-		Affected
Openssl Search vendor "Openssl"		Openssl Search vendor "Openssl" for product "Openssl"				1.0.1i Search vendor "Openssl" for product "Openssl" and version "1.0.1i"		-		Affected