919648 – (CVE-2015-0209) VUL-1: CVE-2015-0209: openssl: Fix a failure to NULL a pointer freed on error.

Bug 919648 (CVE-2015-0209) - VUL-1: CVE-2015-0209: openssl: Fix a failure to NULL a pointer freed on error.

Summary: VUL-1: CVE-2015-0209: openssl: Fix a failure to NULL a pointer freed on error.

Status:	RESOLVED FIXED

Alias:	CVE-2015-0209

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:released:sle10-sp3:61133 maint:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2015-02-26 07:37 UTC by Marcus Meissner
Modified:	2022-02-16 21:17 UTC (History)
CC List:	1 user (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2015-02-26 07:37:29 UTC

spotted in openssl git.

commit 1b4a8df38fc9ab3c089ca5765075ee53ec5bd66a
Author: Matt Caswell <matt@openssl.org>
Date:   Mon Feb 9 11:38:41 2015 +0000

    Fix a failure to NULL a pointer freed on error.
    
    Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org>
    
    CVE-2015-0209
    
    Reviewed-by: Emilia Käsper <emilia@openssl.org>

in elliptic curves code. might cause a double free, but its hard to say.

Comment 1 Marcus Meissner 2015-02-26 07:45:01 UTC

(given previous track record, there might be a new openssl release with more non-disclosed security fixes in the future)

Comment 2 Swamp Workflow Management 2015-02-26 23:00:37 UTC

bugbot adjusting priority

Comment 9 Marcus Meissner 2015-03-18 14:01:18 UTC

QA: No reproducer.

Comment 10 Marcus Meissner 2015-03-19 14:15:55 UTC

http://openssl.org/news/secadv_20150319.txt

Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
===============================================================

Severity: Low

A malformed EC private key file consumed via the d2i_ECPrivateKey function could
cause a use after free condition. This, in turn, could cause a double
free in several private key parsing functions (such as d2i_PrivateKey
or EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption
for applications that receive EC private keys from untrusted
sources. This scenario is considered rare.

This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.

OpenSSL 1.0.2 users should upgrade to 1.0.2a
OpenSSL 1.0.1 users should upgrade to 1.0.1m.
OpenSSL 1.0.0 users should upgrade to 1.0.0r.
OpenSSL 0.9.8 users should upgrade to 0.9.8zf.

This issue was discovered by the BoringSSL project and fixed in their commit
517073cd4b. The OpenSSL fix was developed by Matt Caswell of the OpenSSL
development team.

Comment 11 Vítězslav Čížek 2015-03-19 15:27:31 UTC

openSUSE updates submitted, reassigning to security-team.

Comment 12 Bernhard Wiedemann 2015-03-19 16:00:14 UTC

This is an autogenerated message for OBS integration:
This bug (919648) was mentioned in
https://build.opensuse.org/request/show/291605 13.2+13.1 / openssl
https://build.opensuse.org/request/show/291607 Factory / openssl

Comment 13 Swamp Workflow Management 2015-03-19 18:05:04 UTC

SUSE-SU-2015:0541-1: An update that fixes 6 vulnerabilities is now available.

Category: security (important)
Bug References: 919648,920236,922488,922496,922499,922500
CVE References: CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0293
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    openssl-1.0.1i-20.1
SUSE Linux Enterprise Server 12 (src):    openssl-1.0.1i-20.1
SUSE Linux Enterprise Desktop 12 (src):    openssl-1.0.1i-20.1

Comment 14 Swamp Workflow Management 2015-03-19 22:05:09 UTC

SUSE-SU-2015:0545-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 915976,919648,920236,922488,922496,922499,922500,922501
CVE References: CVE-2009-5146,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0292,CVE-2015-0293
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    openssl-0.9.8j-0.70.1
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    openssl-0.9.8j-0.70.1

Comment 15 Swamp Workflow Management 2015-03-19 22:06:25 UTC

SUSE-SU-2015:0546-1: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 919648,920236,922488,922496,922499,922500,922501
CVE References: CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0292,CVE-2015-0293
Sources used:
SUSE Linux Enterprise Security Module 11 SP3 (src):    openssl1-1.0.1g-0.26.1

Comment 16 Swamp Workflow Management 2015-03-19 22:09:43 UTC

SUSE-SU-2015:0549-1: An update that contains security fixes can now be installed.

Category: security (moderate)
Bug References: 919648,920236,922488,922496,922499,922500,922501
CVE References: 
Sources used:
SUSE Linux Enterprise Server 10 SP4 LTSS (src):    openssl-0.9.8a-18.90.1

Comment 17 Swamp Workflow Management 2015-03-20 11:05:14 UTC

SUSE-SU-2015:0553-1: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 915976,919648,920236,922488,922496,922499,922500,922501
CVE References: CVE-2009-5146,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0292,CVE-2015-0293
Sources used:
SUSE Linux Enterprise Module for Legacy Software 12 (src):    compat-openssl098-0.9.8j-73.2

Comment 18 Swamp Workflow Management 2015-03-20 12:05:10 UTC

SUSE-SU-2015:0553-2: An update that fixes 8 vulnerabilities is now available.

Category: security (important)
Bug References: 915976,919648,920236,922488,922496,922499,922500,922501
CVE References: CVE-2009-5146,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0292,CVE-2015-0293
Sources used:
SUSE Linux Enterprise Desktop 12 (src):    compat-openssl098-0.9.8j-73.2

Comment 19 Swamp Workflow Management 2015-03-20 17:04:59 UTC

openSUSE-SU-2015:0554-1: An update that fixes 6 vulnerabilities is now available.

Category: security (moderate)
Bug References: 919648,920236,922488,922496,922499,922500
CVE References: CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0293
Sources used:
openSUSE 13.2 (src):    openssl-1.0.1k-2.20.1
openSUSE 13.1 (src):    openssl-1.0.1k-11.68.1

Comment 20 Swamp Workflow Management 2015-03-20 22:04:58 UTC

SUSE-SU-2015:0546-2: An update that fixes 7 vulnerabilities is now available.

Category: security (moderate)
Bug References: 919648,920236,922488,922496,922499,922500,922501
CVE References: CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0292,CVE-2015-0293
Sources used:
SLE CLIENT TOOLS 10 for x86_64 (src):    openssl-0.9.8a-18.90.1
SLE CLIENT TOOLS 10 for s390x (src):    openssl-0.9.8a-18.90.1
SLE CLIENT TOOLS 10 (src):    openssl-0.9.8a-18.90.1

Comment 21 Swamp Workflow Management 2015-03-20 23:05:04 UTC

SUSE-SU-2015:0545-2: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 915976,919648,920236,922488,922496,922499,922500,922501
CVE References: CVE-2009-5146,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0292,CVE-2015-0293
Sources used:
SUSE Studio Onsite 1.3 (src):    openssl-0.9.8j-0.70.1
SUSE Manager 1.7 for SLE 11 SP2 (src):    openssl-0.9.8j-0.70.1
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    openssl-0.9.8j-0.70.1
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    openssl-0.9.8j-0.70.1
SUSE Linux Enterprise Server 11 SP3 (src):    openssl-0.9.8j-0.70.1
SUSE Linux Enterprise Desktop 11 SP3 (src):    openssl-0.9.8j-0.70.1

Comment 22 Marcus Meissner 2015-03-22 12:45:05 UTC

released

Comment 23 Swamp Workflow Management 2015-07-22 13:08:49 UTC

openSUSE-SU-2015:1277-1: An update that solves 16 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 912015,912018,912292,912293,912296,919648,920236,922496,922499,922500,931600,934487,934489,934491,934493,934494,937891
CVE References: CVE-2014-3570,CVE-2014-3572,CVE-2014-8176,CVE-2014-8275,CVE-2015-0205,CVE-2015-0206,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1792,CVE-2015-4000
Sources used:
openSUSE 13.2 (src):    libressl-2.2.1-2.3.1

Comment 24 Swamp Workflow Management 2022-02-16 21:17:45 UTC

SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains 21 features and has 299 fixes is now available.

Category: feature (moderate)
Bug References: 1000080,1000117,1000194,1000677,1000742,1001148,1001912,1002585,1002895,1003091,1005246,1009528,1010874,1010966,1011936,1015549,1019637,1021641,1022085,1022086,1022271,1027079,1027610,1027688,1027705,1027908,1028281,1028723,1029523,1029902,1030038,1032118,1032119,1035604,1039469,1040164,1040256,1041090,1042392,1042670,1044095,1044107,1044175,1049186,1049304,1050653,1050665,1055478,1055542,1055825,1056058,1056951,1057496,1062237,1065363,1066242,1066873,1068790,1070737,1070738,1070853,1071905,1071906,1071941,1073310,1073845,1073879,1074247,1076519,1077096,1077230,1078329,1079761,1080301,1081005,1081750,1081751,1082155,1082163,1082318,1083826,1084117,1084157,1085276,1085529,1085661,1087102,1087104,1088573,1089039,1090427,1090765,1090953,1093518,1093917,1094788,1094814,1094883,1095267,1096738,1096937,1097158,1097531,1097624,1098535,1098592,1099308,1099569,1100078,1101246,1101470,1102868,1104789,1106197,1108508,1109882,1109998,1110435,1110869,1110871,1111493,1111622,1111657,1112209,1112357,1113534,1113652,1113742,1113975,1115769,1117951,1118611,1119376,1119416,1119792,1121717,1121852,1122191,1123064,1123185,1123186,1123558,1124885,1125815,1126283,1126318,1127080,1127173,1128146,1128323,1128355,1129071,1129566,1130840,1131291,1132174,1132323,1132455,1132663,1132900,1135009,1136444,1138666,1138715,1138746,1139915,1140255,1141168,1142899,1143033,1143454,1143893,1144506,1149686,1149792,1150003,1150190,1150250,1150895,1153830,1155815,1156677,1156694,1156908,1157104,1157354,1158809,1159235,1159538,1160163,1161557,1161770,1162224,1162367,1162743,1163978,1164310,1165439,1165578,1165730,1165823,1165960,1166139,1166758,1167008,1167501,1167732,1167746,1168480,1168973,1169489,1170175,1170863,1171368,1171561,1172226,1172908,1172928,1173226,1173356,1174009,1174091,1174514,1175729,1176116,1176129,1176134,1176232,1176256,1176257,1176258,1176259,1176262,1176389,1176785,1176977,1177120,1177127,1177559,1178168,1178341,1178670,1179491,1179562,1179630,1179805,1180125,1180781,1181126,1181324,1181944,1182066,1182211,1182244,1182264,1182331,1182333,1182379,1182963,1183059,1183374,1183858,1184505,1185588,1185706,1185748,1186738,1187045,1189521,1190781,1193357,356549,381844,394317,408865,428177,430141,431945,437293,442740,459468,489641,504687,509031,526319,590833,610223,610642,629905,637176,651003,657698,658604,670526,673071,693027,715423,720601,743787,747125,748738,749210,749213,749735,750618,751718,751946,751977,754447,754677,761500,774710,784670,784994,787526,793420,799119,802184,803004,809831,811890,822642,825221,828513,831629,832833,834601,835687,839107,84331,849377,855666,855676,856687,857203,857850,858239,867887,869945,871152,872299,873351,876282,876710,876712,876748,880891,885662,885882,889013,889363,892477,892480,895129,898917,901223,901277,901902,902364,906878,907584,908362,908372,912014,912015,912018,912292,912293,912294,912296,912460,913229,915479,917607,917759,917815,919648,920236,922448,922488,922496,922499,922500,926597,929678,929736,930189,931698,931978,933898,933911,934487,934489,934491,934493,935856,937085,937212,937492,937634,937912,939456,940608,942385,942751,943421,944204,945455,946648,947104,947357,947679,948198,952871,954256,954486,954690,957812,957813,957815,958501,961334,962291,963415,963974,964204,964472,964474,965830,967128,968046,968047,968048,968050,968265,968270,968374,968601,975875,976942,977584,977614,977615,977616,977663,978224,981848,982268,982575,983249,984323,985054,988086,990207,990392,990419,990428,991193,991877,992120,992988,992989,992992,993130,993819,993825,993968,994749,994844,994910,995075,995324,995359,995377,995959,996255,997043,997614,998190,999665,999666,999668
CVE References: CVE-2006-2937,CVE-2006-2940,CVE-2006-3738,CVE-2006-4339,CVE-2006-4343,CVE-2006-7250,CVE-2007-3108,CVE-2007-4995,CVE-2007-5135,CVE-2008-0891,CVE-2008-1672,CVE-2008-5077,CVE-2009-0590,CVE-2009-0591,CVE-2009-0789,CVE-2009-1377,CVE-2009-1378,CVE-2009-1379,CVE-2009-1386,CVE-2009-1387,CVE-2010-0740,CVE-2010-0742,CVE-2010-1633,CVE-2010-2939,CVE-2010-3864,CVE-2010-5298,CVE-2011-0014,CVE-2011-3207,CVE-2011-3210,CVE-2011-3389,CVE-2011-4108,CVE-2011-4576,CVE-2011-4577,CVE-2011-4619,CVE-2011-4944,CVE-2012-0027,CVE-2012-0050,CVE-2012-0845,CVE-2012-0884,CVE-2012-1150,CVE-2012-1165,CVE-2012-2110,CVE-2012-2686,CVE-2012-4929,CVE-2013-0166,CVE-2013-0169,CVE-2013-1752,CVE-2013-4238,CVE-2013-4314,CVE-2013-4353,CVE-2013-6449,CVE-2013-6450,CVE-2014-0012,CVE-2014-0076,CVE-2014-0160,CVE-2014-0195,CVE-2014-0198,CVE-2014-0221,CVE-2014-0224,CVE-2014-1829,CVE-2014-1830,CVE-2014-2667,CVE-2014-3470,CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-3513,CVE-2014-3566,CVE-2014-3567,CVE-2014-3568,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-4650,CVE-2014-5139,CVE-2014-7202,CVE-2014-7203,CVE-2014-8275,CVE-2014-9721,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0293,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-2296,CVE-2015-3194,CVE-2015-3195,CVE-2015-3196,CVE-2015-3197,CVE-2015-3216,CVE-2015-4000,CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800,CVE-2016-10745,CVE-2016-2105,CVE-2016-2106,CVE-2016-2107,CVE-2016-2109,CVE-2016-2176,CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306,CVE-2016-7052,CVE-2016-7055,CVE-2016-9015,CVE-2017-18342,CVE-2017-3731,CVE-2017-3732,CVE-2017-3735,CVE-2017-3736,CVE-2017-3737,CVE-2017-3738,CVE-2018-0732,CVE-2018-0734,CVE-2018-0737,CVE-2018-0739,CVE-2018-18074,CVE-2018-20060,CVE-2018-5407,CVE-2018-7750,CVE-2019-10906,CVE-2019-11236,CVE-2019-11324,CVE-2019-13132,CVE-2019-1547,CVE-2019-1551,CVE-2019-1559,CVE-2019-1563,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2019-6250,CVE-2019-8341,CVE-2019-9740,CVE-2019-9947,CVE-2020-14343,CVE-2020-15166,CVE-2020-15523,CVE-2020-15801,CVE-2020-1747,CVE-2020-1971,CVE-2020-25659,CVE-2020-26137,CVE-2020-27783,CVE-2020-28493,CVE-2020-29651,CVE-2020-36242,CVE-2020-8492,CVE-2021-23336,CVE-2021-23840,CVE-2021-23841,CVE-2021-28957,CVE-2021-29921,CVE-2021-3177,CVE-2021-33503,CVE-2021-3426,CVE-2021-3712
JIRA References: ECO-3105,SLE-11435,SLE-12684,SLE-12986,SLE-13688,SLE-14253,SLE-15159,SLE-15860,SLE-15861,SLE-16754,SLE-17532,SLE-17957,SLE-18260,SLE-18354,SLE-18446,SLE-19264,SLE-3887,SLE-4480,SLE-4577,SLE-7686,SLE-9135
Sources used:
SUSE Manager Tools 12-BETA (src):    venv-salt-minion-3002.2-3.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.