openssl is vulnerable to denial of service (DoS). The vulnerability exists through a NULL pointer dereference issue when both GENERAL_NAMEs
contain an EDIPARTYNAME
.
www.openwall.com/lists/oss-security/2021/09/14/2
cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2154ab83e14ede338d2ede9bbe5cdfce5d5a6c9e
git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f960d81215ebf3f65e03d4d5d857fb9b666d6920
kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44676
lists.apache.org/thread.html/r63c6f2dd363d9b514d0a4bcf624580616a679898cc14c109a49b750c@%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/rbb769f771711fb274e0a4acb1b5911c8aab544a6ac5e8c12d40c5143@%3Ccommits.pulsar.apache.org%3E
lists.debian.org/debian-lts-announce/2020/12/msg00020.html
lists.debian.org/debian-lts-announce/2020/12/msg00021.html
lists.fedoraproject.org/archives/list/[email protected]/message/DGSI34Y5LQ5RYXN4M2I5ZQT65LFVDOUU/
lists.fedoraproject.org/archives/list/[email protected]/message/PWPSSZNZOBJU2YR6Z4TGHXKYW3YP5QG7/
security-tracker.debian.org/tracker/CVE-2020-1971
security.FreeBSD.org/advisories/FreeBSD-SA-20:33.openssl.asc
security.gentoo.org/glsa/202012-13
security.netapp.com/advisory/ntap-20201218-0005/
security.netapp.com/advisory/ntap-20210513-0002/
www.debian.org/security/2020/dsa-4807
www.openssl.org/news/secadv/20201208.txt
www.oracle.com//security-alerts/cpujul2021.html
www.oracle.com/security-alerts/cpuApr2021.html
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpuoct2021.html
www.tenable.com/security/tns-2020-11
www.tenable.com/security/tns-2021-09
www.tenable.com/security/tns-2021-10