CVE-2015-0290

Priority
Description
The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in
OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support
does not properly handle certain non-blocking I/O cases, which allows
remote attackers to cause a denial of service (pointer corruption and
application crash) via unspecified vectors.
Notes
mdeslaur1.0.2 only
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
More Information

Updated: 2020-01-29 19:51:09 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)