An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HCheckpoint Multi Domain Management
HWCheckpointwszystkie wersjeCheckpoint Multi Domain Management Firmware
OSCheckpointr80.40r81Checkpoint Quantum Security Gateway
HWCheckpointwszystkie wersjeCheckpoint Quantum Security Gateway Firmware
OSCheckpointr80.40r81Checkpoint Quantum Security Management
HWCheckpointwszystkie wersjeCheckpoint Quantum Security Management Firmware
OSCheckpointr80.40r81Debian
OSDebian10.09.0Fedora Project Fedora
OSFedoraproject34Freebsd
OSFreebsd12.2Mcafee Web Gateway
APPMcafee10.1.18.2.199.2.10Mcafee Web Gateway Cloud Service
APPMcafee10.1.18.2.199.2.10Netapp Active Iq Unified Manager
APPNetappwszystkie wersjeNetapp Cloud Volumes Ontap Mediator
APPNetappwszystkie wersjeNetapp E Series Performance Analyzer
APPNetappwszystkie wersjeNetapp Oncommand Insight
APPNetappwszystkie wersjeNetapp Oncommand Workflow Automation
APPNetappwszystkie wersjeNetapp Ontap Select Deploy Administration Utility
APPNetappwszystkie wersjeNetapp Santricity Smi S Provider
APPNetappwszystkie wersjeNetapp Snapcenter
APPNetappwszystkie wersjeNetapp Storagegrid
APPNetappwszystkie wersjeOpenSSL
APPOpenssl1.1.1 – 1.1.1k (bez)Oracle Communications Communications Policy Management
APPOracle12.6.0.0.0Oracle Enterprise Manager For Storage Management
APPOracle13.4.0.0Oracle Essbase
APPOracle21.2Oracle Graalvm
APPOracle19.3.520.3.1.221.0.0.2Oracle Jd Edwards Enterpriseone Tools
APPOracle< 9.2.6.0Oracle Jd Edwards World Security
APPOraclea9.4Oracle MySQL Connectors
APPOracle≤ 8.0.23Oracle MySQL Server
APPOracle8.0.15 – 8.0.23≤ 5.7.33Oracle MySQL Workbench
APPOracle≤ 8.0.23
Powiązane podatności
Pominięcie uwierzytelnienia w Oracle PeopleSoft PeopleTools (RCE/Takeover)
GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
RCE przez deserializację PHP w Roundcube Webmail (parametr _from)
Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)