Bug 890770 (CVE-2014-3510) - VUL-0: CVE-2014-3510: openssl: DTLS anonymous EC(DH) denial of service
Summary: VUL-0: CVE-2014-3510: openssl: DTLS anonymous EC(DH) denial of service
Status: RESOLVED FIXED
Alias: CVE-2014-3510
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Deadline: 2014-09-11
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:sle11-sp3:58559 maint:...
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-07 07:22 UTC by Alexander Bergmann
Modified: 2014-12-09 09:38 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
CVE-2014-3510 fix for the 0.9.8 branch. (1.92 KB, patch)
2014-08-07 13:21 UTC, Alexander Bergmann 		Details | Diff
CVE-2014-3510 fix for the 1.0.1 branch. (2.36 KB, patch)
2014-08-07 13:21 UTC, Alexander Bergmann 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2014-08-07 07:22:24 UTC 
This CVE was part of the OpenSSL Security Advisory [6 Aug 2014] (bnc#Bug 890759).

OpenSSL DTLS anonymous EC(DH) denial of service (CVE-2014-3510)
===============================================================

OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject to a
denial of service attack. A malicious server can crash the client with a null
pointer dereference (read) by specifying an anonymous (EC)DH ciphersuite and
sending carefully crafted handshake messages.

OpenSSL 0.9.8 DTLS client users should upgrade to 0.9.8zb
OpenSSL 1.0.0 DTLS client users should upgrade to 1.0.0n.
OpenSSL 1.0.1 DTLS client users should upgrade to 1.0.1i.

Thanks to Felix Gröbert (Google) for discovering and researching this issue.
This issue was reported to OpenSSL on 18th July 2014.

The fix was developed by Emilia Käsper of the OpenSSL development team.
Comment 1 Alexander Bergmann 2014-08-07 13:21:14 UTC 
Created attachment 601524 [details]
CVE-2014-3510 fix for the 0.9.8 branch.
Comment 2 Alexander Bergmann 2014-08-07 13:21:45 UTC 
Created attachment 601525 [details]
CVE-2014-3510 fix for the 1.0.1 branch.
Comment 3 Swamp Workflow Management 2014-08-07 22:01:03 UTC 
bugbot adjusting priority
Comment 4 SMASH SMASH 2014-08-08 09:01:03 UTC 
Affected packages:

SLE-10-SP3-TERADATA: openssl
SLE-11-SP1: openssl
SLE-11-SP3: openssl, openssl1
Comment 5 Swamp Workflow Management 2014-08-08 14:36:35 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-08-22.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58532
Comment 9 Vítězslav Čížek 2014-08-14 10:42:14 UTC 
All packages have been submitted.
Reassigning back to security-team.
Comment 11 Swamp Workflow Management 2014-08-18 22:05:24 UTC 
SUSE-SU-2014:1033-1: An update that fixes 9 vulnerabilities is now available.

Category: security (moderate)
Bug References: 889812,890764,890767,890768,890769,890770
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-5139
Sources used:
SUSE Linux Enterprise Security Module 11 SP3 (src):    openssl1-1.0.1g-0.20.1
Comment 12 Swamp Workflow Management 2014-08-20 23:05:13 UTC 
SUSE-SU-2014:1049-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 890764,890767,890768,890769,890770
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    openssl-0.9.8j-0.62.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    openssl-0.9.8j-0.62.1
SUSE Linux Enterprise Server 11 SP3 (src):    openssl-0.9.8j-0.62.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    openssl-0.9.8j-0.62.1
Comment 13 Swamp Workflow Management 2014-08-21 14:05:59 UTC 
openSUSE-SU-2014:1052-1: An update that fixes 9 vulnerabilities is now available.

Category: security (moderate)
Bug References: 890764,890765,890766,890767,890768,890769,890770,890771,890772
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-5139
Sources used:
openSUSE 13.1 (src):    openssl-1.0.1i-11.52.1
openSUSE 12.3 (src):    openssl-1.0.1i-1.64.1
Comment 14 Swamp Workflow Management 2014-08-28 12:19:43 UTC 
An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2014-09-11.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58762
Comment 16 Marcus Meissner 2014-09-09 16:02:15 UTC 
released ltss updates
Comment 17 Swamp Workflow Management 2014-09-09 23:06:52 UTC 
SUSE-SU-2014:1104-1: An update that fixes 5 vulnerabilities is now available.

Category: security (moderate)
Bug References: 890764,890767,890768,890769,890770
CVE References: CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    openssl-0.9.8j-0.62.3
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    openssl-0.9.8j-0.62.3
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    openssl-0.9.8a-18.84.5
SUSE Linux Enterprise Server 10 SP3 LTSS (src):    openssl-0.9.8a-18.45.79.3
Comment 18 Swamp Workflow Management 2014-09-23 23:06:08 UTC 
SUSE-SU-2014:1208-1: An update that solves 9 vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 859228,859924,860332,862181,870192,890764,890767,890768,890769,890770
CVE References: CVE-2014-0076,CVE-2014-0221,CVE-2014-0224,CVE-2014-3470,CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510
Sources used:
SUSE Studio Onsite 1.3 (src):    openssl-0.9.8j-0.62.3
SUSE Manager 1.7 for SLE 11 SP2 (src):    openssl-0.9.8j-0.62.3