CVE 2017-3735 OOB read

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

CVE 2017-3735 OOB read

OpenSSL - Dev mailing list

From https://www.openssl.org/news/secadv/20170828.txt

 

OpenSSL Security Advisory [28 Aug 2017]

========================================

 

Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735)

===================================================================

 

Severity: Low

 

If an X.509 certificate has a malformed IPAddressFamily extension,

OpenSSL could do a one-byte buffer overread. The most likely result

would be an erroneous display of the certificate in text format.

 

As this is a low severity fix, no release is being made. The fix can be

found in the source repository (1.0.2, 1.1.0, and master branches); see

https://github.com/openssl/openssl/pull/4276. This bug has been present

since 2006.

 

 

This issue was found by Google's OSS-Fuzz project on August 22.

The fix was developed by Rich Salz of the OpenSSL development team.

 


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev