FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

LibreSSL -- DTLS vulnerability

Affected packages
libressl < 2.1.3

Details

VuXML ID f9c388c5-a256-11e4-992a-7b2a515a1247
Discovery 2015-01-08
Entry 2015-01-22

OpenSSL Security Advisory:

A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion.

[source]

References

CVE Name CVE-2015-0206
URL https://www.openssl.org/news/secadv_20150108.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.