[arch-security] [Arch Linux Security Advisory ASA-201411-4] polarssl: multiple issues

Levente Polyak anthraxx at archlinux.org
Thu Nov 6 20:23:10 UTC 2014


Arch Linux Security Advisory ASA-201411-4
=========================================

Severity: Medium
Date    : 2014-11-06
CVE-ID  : CVE-2014-8627, CVE-2014-8628
Package : polarssl
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE-2014

Summary
=======

The package polarssl before version 1.3.9-1 is vulnerable to multiple
issues including weak signature negotiation and remotely triggerable
memory leaks.

Resolution
==========

Upgrade to 1.3.9-1.

# pacman -Syu "polarssl>=1.3.9-1"

Both issues have been fixed upstream in version 1.3.9.

Workaround
==========

None.

Description
===========

- CVE-2014-8627 (weak signature negotiation)
A logic error caused a PolarSSL server handling a TLS 1.2 handshake to
pick the weakest hash common to its own list and the client's
signature_algorithms extension, instead of the strongest one both sides
support. The server's handshake signature was therefore made with a
weaker hash than necessary whenever the client still listed one for
compatibility.

- CVE-2014-8628 (memory leaks)
Two issues were found that result in remotely triggerable memory leaks:
a crafted ClientHello message sent to a server, or a crafted X.509
certificate presented to either peer, makes the parser leak memory on
its error path.
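The selection behaviour described for CVE-2014-8627 is easiest to see on a parsed signature_algorithms extension. The following is an added illustration, not PolarSSL's code: it parses the extension_data layout from RFC 5246 (a 2-byte length followed by (hash, signature) byte pairs), then chooses a hash for the server's signature either "weakest common" (the pre-1.3.9 behaviour the advisory describes) or "strongest common" (the fixed behaviour). The function names, the hypothetical server hash list and the ClientHello extension bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS 1.2 HashAlgorithm and SignatureAlgorithm code points, RFC 5246 7.4.1.4.1. */
enum { HASH_NONE = 0, HASH_MD5 = 1, HASH_SHA1 = 2, HASH_SHA224 = 3,
       HASH_SHA256 = 4, HASH_SHA384 = 5, HASH_SHA512 = 6 };
enum { SIG_ANON = 0, SIG_RSA = 1, SIG_DSA = 2, SIG_ECDSA = 3 };

/* Hashes this hypothetical server is built to sign with (assumption for the
 * example; MD5 kept in the list to show the weak outcome). */
static const uint8_t server_hashes[] = {
    HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA384, HASH_SHA512
};

static int server_supports_hash(uint8_t h)
{
    for (size_t i = 0; i < sizeof server_hashes; i++)
        if (server_hashes[i] == h)
            return 1;
    return 0;
}

/* Explicit strength ordering; higher is stronger, 0 means "never sign with it". */
static int hash_rank(uint8_t h)
{
    switch (h) {
    case HASH_MD5:    return 1;
    case HASH_SHA1:   return 2;
    case HASH_SHA224: return 3;
    case HASH_SHA256: return 4;
    case HASH_SHA384: return 5;
    case HASH_SHA512: return 6;
    default:          return 0;
    }
}

/* Parse extension_data of a signature_algorithms extension and pick the hash
 * the server will sign with for signature algorithm `sig`.
 * prefer_strongest == 0 reproduces the "lowest common hash" bug described in
 * the advisory; prefer_strongest == 1 is the corrected selection.
 * Returns the chosen HashAlgorithm, or -1 on malformed input or no match. */
int negotiate_hash(const uint8_t *ext, size_t ext_len, uint8_t sig, int prefer_strongest)
{
    if (ext_len < 2)
        return -1;
    size_t list_len = ((size_t)ext[0] << 8) | ext[1];
    /* The list must be whole pairs and must exactly fill the extension. */
    if (list_len % 2 != 0 || list_len + 2 != ext_len)
        return -1;

    int chosen = -1;
    for (size_t i = 2; i + 1 < ext_len; i += 2) {
        uint8_t h = ext[i], s = ext[i + 1];
        if (s != sig || hash_rank(h) == 0 || !server_supports_hash(h))
            continue;
        if (chosen < 0) {
            chosen = h;
        } else if (prefer_strongest ? hash_rank(h) > hash_rank(chosen)
                                    : hash_rank(h) < hash_rank(chosen)) {
            chosen = h;
        }
    }
    return chosen;
}

/* Constructed ClientHello extension bodies (not captured traffic). */
/* A client offering RSA with SHA-512, SHA-256, SHA-1 and MD5, strongest first. */
static const uint8_t client_sigalgs[] = {
    0x00, 0x08, HASH_SHA512, SIG_RSA, HASH_SHA256, SIG_RSA,
                HASH_SHA1, SIG_RSA,   HASH_MD5, SIG_RSA
};
/* A client that only offers ECDSA pairs. */
static const uint8_t ecdsa_only[] = { 0x00, 0x04, HASH_SHA256, SIG_ECDSA, HASH_SHA1, SIG_ECDSA };
/* A body whose declared length exceeds the bytes actually present. */
static const uint8_t truncated[] = { 0x00, 0x08, HASH_SHA512, SIG_RSA };

int main(void)
{
    printf("pre-1.3.9 selection: hash %d\n",
           negotiate_hash(client_sigalgs, sizeof client_sigalgs, SIG_RSA, 0));
    printf("fixed selection:     hash %d\n",
           negotiate_hash(client_sigalgs, sizeof client_sigalgs, SIG_RSA, 1));
    printf("no RSA pair offered: %d\n",
           negotiate_hash(ecdsa_only, sizeof ecdsa_only, SIG_RSA, 1));
    printf("malformed length:    %d\n",
           negotiate_hash(truncated, sizeof truncated, SIG_RSA, 1));
    return 0;
}
```

With the constructed client list, the buggy path returns HASH_MD5 (1) and the corrected path HASH_SHA512 (6); the length check at the top is the kind of guard that must precede any allocation in a ClientHello parser so that malformed input is rejected before resources are acquired.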

Impact
======

A remote attacker able to send crafted ClientHello messages or X.509
certificates can trigger repeated memory leaks, leading to memory
exhaustion and denial of service. Additionally, because the server
signs with the weakest hash the client lists rather than the strongest
both support, a client that still offers MD5 or SHA-1 for compatibility
receives a weaker signature than it would have accepted, reducing the
margin against hash-collision attacks on the handshake signature.

References
==========

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8627
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8628
http://www.openwall.com/lists/oss-security/2014/11/04/6
https://github.com/polarssl/polarssl/commit/480905
https://github.com/polarssl/polarssl/commit/43c3b28
https://github.com/polarssl/polarssl/commit/5d8618
