Bug 890769 (CVE-2014-3507) - VUL-0: CVE-2014-3507: openssl: DTLS memory leak from zero-length fragments
Summary: VUL-0: CVE-2014-3507: openssl: DTLS memory leak from zero-length fragments
Status: RESOLVED FIXED
Alias: CVE-2014-3507
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Deadline: 2014-09-11
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:sle11-sp3:58559 maint:...
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-07 07:22 UTC by Alexander Bergmann
Modified: 2014-12-09 09:38 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
CVE-2014-3507 fix for the 0.9.8 branch. (2.73 KB, patch)
2014-08-07 13:16 UTC, Alexander Bergmann 		Details | Diff
CVE-2014-3507 fix for the 1.0.1 branch. (2.74 KB, patch)
2014-08-07 13:17 UTC, Alexander Bergmann 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2014-08-07 07:22:19 UTC 
This CVE was part of the OpenSSL Security Advisory [6 Aug 2014] (bnc#Bug 890759).

DTLS memory leak from zero-length fragments (CVE-2014-3507)
===========================================================

By sending carefully crafted DTLS packets an attacker could cause openssl to
leak memory. This can be exploited through a Denial of Service attack.

OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zb
OpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n.
OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i.

Thanks to Adam Langley (Google) for discovering and researching this
issue. This issue was reported to OpenSSL on 6th June 2014.

The fix was developed by Adam Langley.
Comment 1 Alexander Bergmann 2014-08-07 13:16:12 UTC 
Created attachment 601518 [details]
CVE-2014-3507 fix for the 0.9.8 branch.
Comment 2 Alexander Bergmann 2014-08-07 13:17:19 UTC 
Created attachment 601519 [details]
CVE-2014-3507 fix for the 1.0.1 branch.
Comment 3 Swamp Workflow Management 2014-08-07 22:00:56 UTC 
bugbot adjusting priority
Comment 4 SMASH SMASH 2014-08-08 09:01:23 UTC 
Affected packages:

SLE-10-SP3-TERADATA: openssl
SLE-11-SP1: openssl
SLE-11-SP3: openssl, openssl1
Comment 5 Swamp Workflow Management 2014-08-08 14:37:07 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-08-22.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58532
Comment 9 Vítězslav Čížek 2014-08-14 10:41:37 UTC 
All packages have been submitted.
Reassigning back to security-team.
Comment 11 Swamp Workflow Management 2014-08-18 22:05:12 UTC 
SUSE-SU-2014:1033-1: An update that fixes 9 vulnerabilities is now available.

Category: security (moderate)
Bug References: 889812,890764,890767,890768,890769,890770
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-5139
Sources used:
SUSE Linux Enterprise Security Module 11 SP3 (src):    openssl1-1.0.1g-0.20.1
Comment 12 Swamp Workflow Management 2014-08-20 23:05:01 UTC 
SUSE-SU-2014:1049-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 890764,890767,890768,890769,890770
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    openssl-0.9.8j-0.62.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    openssl-0.9.8j-0.62.1
SUSE Linux Enterprise Server 11 SP3 (src):    openssl-0.9.8j-0.62.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    openssl-0.9.8j-0.62.1
Comment 13 Swamp Workflow Management 2014-08-21 14:05:48 UTC 
openSUSE-SU-2014:1052-1: An update that fixes 9 vulnerabilities is now available.

Category: security (moderate)
Bug References: 890764,890765,890766,890767,890768,890769,890770,890771,890772
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-5139
Sources used:
openSUSE 13.1 (src):    openssl-1.0.1i-11.52.1
openSUSE 12.3 (src):    openssl-1.0.1i-1.64.1
Comment 14 Swamp Workflow Management 2014-08-28 12:19:52 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-09-11.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58762
Comment 16 Marcus Meissner 2014-09-09 16:02:05 UTC 
released ltss updates
Comment 17 Swamp Workflow Management 2014-09-09 23:06:39 UTC 
SUSE-SU-2014:1104-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 890764,890767,890768,890769,890770
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    openssl-0.9.8j-0.62.3
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    openssl-0.9.8j-0.62.3
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    openssl-0.9.8a-18.84.5
SUSE Linux Enterprise Server 10 SP3 LTSS (src):    openssl-0.9.8a-18.45.79.3
Comment 18 Swamp Workflow Management 2014-09-23 23:05:58 UTC 
SUSE-SU-2014:1208-1: An update that solves 9 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 859228,859924,860332,862181,870192,890764,890767,890768,890769,890770
CVE References: CVE-2014-0076,CVE-2014-0221,CVE-2014-0224,CVE-2014-3470,CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510
Sources used:
SUSE Studio Onsite 1.3 (src):    openssl-0.9.8j-0.62.3
SUSE Manager 1.7 for SLE 11 SP2 (src):    openssl-0.9.8j-0.62.3