CVE-2014-3509
published 2014-08-13CVE-2014-3509: Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session…
PriorityP336medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
13.36%
95.9th percentile
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssl | < openssl 1.0.1i-1 (bookworm) | openssl 1.0.1i-1 (bookworm) |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | >= 0 < 1.0.1i-1 | 1.0.1i-1 |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
vendor_ubuntu5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
vendor_paloalto·2024-11-07·CVSS 6.8
CVE-2014-0195 [MEDIUM] PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Cortex XDR Agent. While Cortex XDR Agent may include the
CVEs: CVE-2014-0195, CVE-2014-0224, CVE-2014-3509, CVE-2014-3512, CVE-2014-3513, CVE-2014-3567, CVE-2015-0209, CVE-2015-0292, CVE-2015-1789, CVE-2015-1791, CVE-2015-1793, CVE-2015-3194, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2177, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2019-1551, CVE-2019-1552, CVE-2019-1559, CVE-2019-1563, CVE-2020-196
BSD
FreeBSD-SA-14:18.openssl: OpenSSL multiple vulnerabilities
bsd_advisories·2014-09-09·CVSS 5.0
CVE-2014-3506 [MEDIUM] FreeBSD-SA-14:18.openssl: OpenSSL multiple vulnerabilities
FreeBSD-SA-14:18.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib
Module: openssl
Announced: 2014-09-09
Affects: All supported versions of FreeBSD.
Corrected: 2014-08-07 21:04:42 UTC (stable/10, 10.0-STABLE)
2014-09-09 10:09:46 UTC (releng/10.0, 10.0-RELEASE-p8)
2014-08-07 21:06:34 UTC (stable/9, 9.3-STABLE)
2014-09-09 10:13:46 UTC (releng/9.3, 9.3-RELEASE-p1)
2014-09-09 10:13:46 UTC (releng/9.2, 9.2-RELEASE-p11)
2014-09-09 10:13:46 UTC (releng/9.1, 9.1-RELEASE-p18)
2014-08-07 21:06:34 UTC (stable/8, 8.4-STABLE)
2014-09-09 10:13:46 UTC (releng/8.4, 8.4-RELEASE-p15)
CVE Name: CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510,
CVE-2014-3509, CVE-2014-3511, CVE-2014-3512, CVE-2014-5139
For general information regarding FreeBSD
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled
certain DTLS packets. A remote attacker could use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2014-3505)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS handshake messages. A remote attacker could use this issue
to cause OpenSSL to consume memory, resulting in a denial of service.
(CVE-2014-3506)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS fragments. A remote attacker could use this issue to cause
OpenSSL to leak memory, resulting in a denial of service. This issue
only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
Red Hat
openssl: race condition in ssl_parse_serverhello_tlsext
vendor_redhat·2014-08-06·CVSS 6.8
CVE-2014-3509 [MEDIUM] CWE-362 openssl: race condition in ssl_parse_serverhello_tlsext
openssl: race condition in ssl_parse_serverhello_tlsext
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.
A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execute arbitrary code.
Package: openssl (Red Hat Ent
Debian
CVE-2014-3509: openssl - Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenS...
vendor_debian·2014·CVSS 6.8
CVE-2014-3509 [MEDIUM] CVE-2014-3509: openssl - Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenS...
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.
Scope: local
bookworm: resolved (fixed in 1.0.1i-1)
bullseye: resolved (fixed in 1.0.1i-1)
forky: resolved (fixed in 1.0.1i-1)
sid: resolved (fixed in 1.0.1i-1)
trixie: resolved (fixed in 1.0.1i-1)
GHSA
GHSA-6353-qghw-q8mp: Race condition in the ssl_parse_serverhello_tlsext function in t1_lib
ghsa_unreviewed·2022-05-17
CVE-2014-3509 [MEDIUM] CWE-362 GHSA-6353-qghw-q8mp: Race condition in the ssl_parse_serverhello_tlsext function in t1_lib
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.
OSV
CVE-2014-3509: Race condition in the ssl_parse_serverhello_tlsext function in t1_lib
osv·2014-08-13·CVSS 6.8
CVE-2014-3509 [MEDIUM] CVE-2014-3509: Race condition in the ssl_parse_serverhello_tlsext function in t1_lib
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwrite and client application crash) or possibly have unspecified other impact by sending Elliptic Curve (EC) Supported Point Formats Extension data.
OSV
openssl vulnerabilities
osv·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] openssl vulnerabilities
openssl vulnerabilities
Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled
certain DTLS packets. A remote attacker could use this issue to cause
OpenSSL to crash, resulting in a denial of service. (CVE-2014-3505)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS handshake messages. A remote attacker could use this issue
to cause OpenSSL to consume memory, resulting in a denial of service.
(CVE-2014-3506)
Adam Langley discovered that OpenSSL incorrectly handled memory when
processing DTLS fragments. A remote attacker could use this issue to cause
OpenSSL to leak memory, resulting in a denial of service. This issue
only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3507)
Ivan Fratric discovered that OpenSSL incorrectl
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2014-3509 openssl: race condition in ssl_parse_serverhello_tlsext
bugzilla·2014-08-07·CVSS 6.8
CVE-2014-3509 [MEDIUM] CVE-2014-3509 openssl: race condition in ssl_parse_serverhello_tlsext
CVE-2014-3509 openssl: race condition in ssl_parse_serverhello_tlsext
A race condition was found in the ssl_parse_serverhello_tlsext() code that may result in upto 255 bytes being written to memory that had been free'd if an ec point format extension was sent by the server. This issue only affects multi-threaded clients.
Discussion:
External References:
https://www.openssl.org/news/secadv_20140806.txt
---
Upstream commit:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb0bc2b273bcc2d5401dd883fe869af4fc74bb21
---
Affected code that implements support for Supported Point Formats Extension for ECC ciphersuites was originally introduced in the following commit:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=36ca4ba6
This code was added upstream in version
Bugzilla
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 mingw-openssl: various flaws [epel-7]
bugzilla·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 mingw-openssl: various flaws [epel-7]
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 mingw-openssl: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-7
Bugzilla
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 mingw-openssl: various flaws [fedora-all]
bugzilla·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 mingw-openssl: various flaws [fedora-all]
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 mingw-openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit mess
Bugzilla
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 openssl: various flaws [fedora-all]
bugzilla·2014-08-07·CVSS 5.0
CVE-2014-3505 [MEDIUM] CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 openssl: various flaws [fedora-all]
CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3511 CVE-2014-3510 CVE-2014-3508 CVE-2014-3509 openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Tenable
[R4] Tenable Products Affected by OpenSSL Protocol Downgrade Vulnerability
blogs_tenable·2014-08-21
[R4] Tenable Products Affected by OpenSSL Protocol Downgrade Vulnerability
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.aschttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.aschttp://linux.oracle.com/errata/ELSA-2014-1052.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.htmlhttp://lists.opensuse.org/opensuse-updates/2014-08/msg00036.htmlhttp://marc.info/?l=bugtraq&m=142350350616251&w=2http://marc.info/?l=bugtraq&m=142495837901899&w=2http://marc.info/?l=bugtraq&m=142624590206005&w=2http://marc.info/?l=bugtraq&m=142660345230545&w=2http://marc.info/?l=bugtraq&m=142791032306609&w=2http://marc.info/?l=bugtraq&m=143290437727362&w=2http://marc.info/?l=bugtraq&m=143290522027658&w=2http://rhn.redhat.com/errata/RHSA-2015-0197.htmlhttp://secunia.com/advisories/58962http://secunia.com/advisories/59700http://secunia.com/advisories/59710http://secunia.com/advisories/59756http://secunia.com/advisories/60022http://secunia.com/advisories/60221http://secunia.com/advisories/60493http://secunia.com/advisories/60684http://secunia.com/advisories/60803http://secunia.com/advisories/60917http://secunia.com/advisories/60921http://secunia.com/advisories/60938http://secunia.com/advisories/61017http://secunia.com/advisories/61100http://secunia.com/advisories/61139http://secunia.com/advisories/61184http://secunia.com/advisories/61775http://secunia.com/advisories/61959http://security.gentoo.org/glsa/glsa-201412-39.xmlhttp://www-01.ibm.com/support/docview.wss?uid=nas8N1020240http://www-01.ibm.com/support/docview.wss?uid=swg21682293http://www-01.ibm.com/support/docview.wss?uid=swg21683389http://www-01.ibm.com/support/docview.wss?uid=swg21686997http://www.debian.org/security/2014/dsa-2998http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htmhttp://www.mandriva.com/security/advisories?name=MDVSA-2014:158http://www.securityfocus.com/bid/69084http://www.securitytracker.com/id/1030693https://bugzilla.redhat.com/show_bug.cgi?id=1127498https://exchange.xforce.ibmcloud.com/vulnerabilities/95159https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=fb0bc2b273bcc2d5401dd883fe869af4fc74bb21https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.htmlhttps://support.citrix.com/article/CTX216642https://techzone.ergon.ch/CVE-2014-3511https://www.freebsd.org/security/advisories/FreeBSD-SA-14:18.openssl.aschttps://www.openssl.org/news/secadv_20140806.txtftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-008.txt.aschttp://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.aschttp://linux.oracle.com/errata/ELSA-2014-1052.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.htmlhttp://lists.opensuse.org/opensuse-updates/2014-08/msg00036.htmlhttp://marc.info/?l=bugtraq&m=142350350616251&w=2http://marc.info/?l=bugtraq&m=142495837901899&w=2http://marc.info/?l=bugtraq&m=142624590206005&w=2http://marc.info/?l=bugtraq&m=142660345230545&w=2http://marc.info/?l=bugtraq&m=142791032306609&w=2http://marc.info/?l=bugtraq&m=143290437727362&w=2http://marc.info/?l=bugtraq&m=143290522027658&w=2http://rhn.redhat.com/errata/RHSA-2015-0197.htmlhttp://secunia.com/advisories/58962http://secunia.com/advisories/59700http://secunia.com/advisories/59710http://secunia.com/advisories/59756http://secunia.com/advisories/60022http://secunia.com/advisories/60221http://secunia.com/advisories/60493http://secunia.com/advisories/60684http://secunia.com/advisories/60803http://secunia.com/advisories/60917http://secunia.com/advisories/60921http://secunia.com/advisories/60938http://secunia.com/advisories/61017http://secunia.com/advisories/61100http://secunia.com/advisories/61139http://secunia.com/advisories/61184http://secunia.com/advisories/61775http://secunia.com/advisories/61959http://security.gentoo.org/glsa/glsa-201412-39.xmlhttp://www-01.ibm.com/support/docview.wss?uid=nas8N1020240http://www-01.ibm.com/support/docview.wss?uid=swg21682293http://www-01.ibm.com/support/docview.wss?uid=swg21683389http://www-01.ibm.com/support/docview.wss?uid=swg21686997http://www.debian.org/security/2014/dsa-2998http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htmhttp://www.mandriva.com/security/advisories?name=MDVSA-2014:158http://www.securityfocus.com/bid/69084http://www.securitytracker.com/id/1030693https://bugzilla.redhat.com/show_bug.cgi?id=1127498https://exchange.xforce.ibmcloud.com/vulnerabilities/95159https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=fb0bc2b273bcc2d5401dd883fe869af4fc74bb21https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380https://lists.balabit.hu/pipermail/syslog-ng-announce/2014-September/000196.html
+ 4 more references
2014-08-13
Published