[openssl-users] CVE 2017-3735 OOB read
Salz, Rich
rsalz at akamai.com
Tue Aug 29 00:11:02 UTC 2017
From https://www.openssl.org/news/secadv/20170828.txt

OpenSSL Security Advisory [28 Aug 2017]
========================================

Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
====================================================================

Severity: Low

If an X.509 certificate has a malformed IPAddressFamily extension,
OpenSSL could do a one-byte buffer overread. The most likely result
would be an erroneous display of the certificate in text format.

As this is a low severity fix, no release is being made. The fix can be
found in the source repository (1.0.2, 1.1.0, and master branches); see
https://github.com/openssl/openssl/pull/4276. This bug has been present
since 2006.

This issue was found by Google's OSS-Fuzz project on August 22.
The fix was developed by Rich Salz of the OpenSSL development team.
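
The class of check that prevents a one-byte overread like the one described above, as an added example that is not part of the advisory and is not OpenSSL's code. It assumes the RFC 3779 layout of the addressFamily value (a two-byte big-endian AFI followed by an optional one-byte SAFI); the struct and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a decoded OCTET STRING (not an OpenSSL type). */
struct octets {
    const uint8_t *data;
    size_t length;
};

/* Result of parsing an addressFamily value (layout assumed from RFC 3779). */
struct addr_family {
    unsigned afi;   /* 1 = IPv4, 2 = IPv6 */
    int has_safi;   /* 1 if the optional SAFI byte is present */
    unsigned safi;
};

/*
 * Parse addressFamily: 2-byte big-endian AFI, optional 1-byte SAFI.
 * Returns 1 on success, 0 on malformed input. The length is validated
 * before any byte is read, so a 1-byte value is rejected instead of
 * data[1] being read past the end of the buffer.
 */
int parse_address_family(const struct octets *os, struct addr_family *out)
{
    if (os == NULL || out == NULL || os->data == NULL)
        return 0;
    if (os->length < 2 || os->length > 3)
        return 0;
    out->afi = ((unsigned)os->data[0] << 8) | os->data[1];
    out->has_safi = (os->length == 3);
    out->safi = out->has_safi ? os->data[2] : 0;
    return 1;
}

int main(void)
{
    /* Constructed sample values, not taken from any real certificate. */
    static const uint8_t ipv4[] = { 0x00, 0x01 };
    static const uint8_t truncated[] = { 0x00 };
    struct octets good = { ipv4, sizeof ipv4 };
    struct octets bad = { truncated, sizeof truncated };
    struct addr_family af;

    printf("well-formed: %d\n", parse_address_family(&good, &af));
    printf("truncated:   %d\n", parse_address_family(&bad, &af));
    return 0;
}
```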