CVE-2016-0705

critical-risk
Published 2016-03-03

Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.

Do I need to act?

!
21.8% chance of exploitation in next 30 days
EPSS score — higher than 78% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (20)

Affected Vendors

Openssl Google Oracle Debian Canonical

References (114)

Third Party Advisory http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178358.html
Mailing List http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178817.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html
Mailing List http://marc.info/?l=bugtraq&m=145889460330120&w=2
Mailing List http://marc.info/?l=bugtraq&m=145983526810210&w=2
Mailing List http://marc.info/?l=bugtraq&m=146108058503441&w=2
Vendor Advisory http://openssl.org/news/secadv/20160301.txt
Third Party Advisory http://rhn.redhat.com/errata/RHSA-2016-2957.html
and 94 more references
73
/ 100
critical-risk
Severity 32/34 · Critical
Exploitability 14/34 · Moderate
Exposure 27/34 · High