CVE-2016-7052

Priority
Description
crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a
denial of service (NULL pointer dereference and application crash) by
triggering a CRL operation.
Notes
mdeslaur1.0.2i only, was introduced by
https://git.openssl.org/?p=openssl.git;a=commit;h=325da8231c8d441e6bb7f15d1a5a23ff63c842e5
Package
Upstream:released (1.0.2j)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2020-01-29 19:56:29 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)