CVE-2020-1967: Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a…

high7.5CVSS 3.1

AVNACLPRNUINSUCNINAH

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).

Affected

38 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	openssl	< openssl 1.1.1g-1 (bookworm)	openssl 1.1.1g-1 (bookworm)
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
freebsd	freebsd	—	—
jdedwards	enterpriseone	< 9.2.5.0	9.2.5.0
netapp	active_iq_unified_manager	>= 7.3	—
netapp	active_iq_unified_manager	>= 9.5	—
openssl	openssl	—	—
openssl	openssl	>= 0 < 1.1.1g-1	1.1.1g-1
openssl	openssl	>= 0 < 1.1.1g-1	1.1.1g-1
openssl	openssl	>= 0 < 1.1.1g-1	1.1.1g-1
openssl	openssl	>= 0 < 1.1.1g-1	1.1.1g-1
openssl	openssl	1.1.1d – 1.1.1f	—
opensuse	leap	—	—
opensuse	leap	—	—
oracle	application_server	—	—
oracle	enterprise_manager_base_platform	—	—
oracle	enterprise_manager_for_storage_management	—	—
oracle	enterprise_manager_for_storage_management	—	—
oracle	enterprise_manager_ops_center	—	—
oracle	http_server	—	—
oracle	jd_edwards_world_security	—	—

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

osv7.5HIGH