CVE-2014-0195 — Classic Buffer Overflow in Openssl

CWE-120 — Classic Buffer Overflow CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer19 documents12 sources

Severity

6.8MEDIUMNVD

EPSS

92.8%

top 0.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openssl Mariadb Fedoraproject Fedora +3 more

Timeline

PublishedJun 5

Latest updateNov 7

Description

The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a long non-initial fragment.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages7 packages

▶NVDopenssl/openssl0.9.8 — 0.9.8za+2

▶Debianopenssl/openssl< 1.0.1h-1+3

▶Ubuntuopenssl/openssl< 1.0.1f-1ubuntu2.2

▶NVDmariadb/mariadb10.0.0 — 10.0.13

▶NVDopensuse/leap42.1

Also affects: Fedora 19, 20

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-r4qw-hxm9-9pf9: The dtls1_reassemble_fragment function in d1_both↗2022-05-14

▶

OSV

openssl regression↗2014-06-23

▶

OSV

openssl regression↗2014-06-12

▶

CVEList

CVE-2014-0195: The dtls1_reassemble_fragment function in d1_both↗2014-06-05

▶

OSV

openssl vulnerabilities↗2014-06-05

▶

🔍Detection Rules

Suricata

ET EXPLOIT SUSPICIOUS DTLS 1.0 Fragmented Client Hello Possible CVE-2014-0195↗2014-06-13

▶

📋Vendor Advisories

Palo Alto

PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent↗2024-11-07

▶

Red Hat

openssl: Buffer overflow via DTLS invalid fragment↗2014-06-05

▶

Ubuntu

OpenSSL vulnerabilities↗2014-06-05

▶

Cisco

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products↗2014-06-05

▶

BSD

FreeBSD-SA-14:14.openssl: OpenSSL multiple vulnerabilities↗2014-06-05

▶

💬Community

Bugzilla

CVE-2014-0221 CVE-2014-0198 CVE-2014-0224 CVE-2014-0195 CVE-2010-5298 CVE-2014-3470 mingw-openssl: various flaws [epel-7]↗2014-08-07

▶

Bugzilla

CVE-2014-3470 CVE-2014-0221 CVE-2014-0224 CVE-2014-0195 mingw32-openssl: various flaws [epel-5]↗2014-08-07

▶

Bugzilla

CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment↗2014-06-02

▶

Bugzilla

CVE-2014-0221 CVE-2014-0198 CVE-2014-0224 CVE-2014-0195 CVE-2010-5298 CVE-2014-3470 openssl: various flaws [fedora-all]↗2014-05-09

▶

Bugzilla

CVE-2014-0221 CVE-2014-0198 CVE-2014-0224 CVE-2014-0195 CVE-2010-5298 CVE-2014-3470 mingw-openssl: various flaws [fedora-all]↗2014-05-09

▶