rhsa-2014_0416
Vulnerability from csaf_redhat
Published
2014-04-17 12:23
Modified
2024-11-14 14:28
Summary
Red Hat Security Advisory: rhevm-spice-client security update
Notes
Topic
Updated rhevm-spice-client packages that fix multiple security issues are
now available for Red Hat Enterprise Virtualization Manager 3.
The Red Hat Security Response Team has rated this update as having
Important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
Red Hat Enterprise Virtualization Manager provides access to virtual
machines using SPICE. These SPICE client packages provide the SPICE client
and usbclerk service for both Windows 32-bit operating systems and Windows
64-bit operating systems.
The rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE
client. OpenSSL, a general purpose cryptography library with a TLS
implementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer
package has been updated to correct the following issues:
An information disclosure flaw was found in the way OpenSSL handled TLS and
DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server
could send a specially crafted TLS or DTLS Heartbeat packet to disclose a
limited portion of memory per request from a connected client or server.
Note that the disclosed portions of memory could potentially include
sensitive information such as private keys. (CVE-2014-0160)
It was discovered that OpenSSL leaked timing information when decrypting
TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites
were used. A remote attacker could possibly use this flaw to retrieve plain
text from the encrypted packets by using a TLS/SSL or DTLS server as a
padding oracle. (CVE-2013-0169)
A NULL pointer dereference flaw was found in the way OpenSSL handled
TLS/SSL protocol handshake packets. A specially crafted handshake packet
could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)
It was discovered that the TLS/SSL protocol could leak information about
plain text when optional compression was used. An attacker able to control
part of the plain text sent over an encrypted TLS/SSL connection could
possibly use this flaw to recover other portions of the plain text.
(CVE-2012-4929)
Red Hat would like to thank the OpenSSL project for reporting
CVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the
original reporter.
The updated mingw-virt-viewer Windows SPICE client further includes OpenSSL
security fixes that have no security impact on mingw-virt-viewer itself.
The security fixes included in this update address the following CVE
numbers:
CVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166
All Red Hat Enterprise Virtualization Manager users are advised to upgrade
to these updated packages, which address these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated rhevm-spice-client packages that fix multiple security issues are\nnow available for Red Hat Enterprise Virtualization Manager 3.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Enterprise Virtualization Manager provides access to virtual\nmachines using SPICE. These SPICE client packages provide the SPICE client\nand usbclerk service for both Windows 32-bit operating systems and Windows\n64-bit operating systems.\n\nThe rhevm-spice-client package includes the mingw-virt-viewer Windows SPICE\nclient. OpenSSL, a general purpose cryptography library with a TLS\nimplementation, is bundled with mingw-virt-viewer. The mingw-virt-viewer\npackage has been updated to correct the following issues:\n\nAn information disclosure flaw was found in the way OpenSSL handled TLS and\nDTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server\ncould send a specially crafted TLS or DTLS Heartbeat packet to disclose a\nlimited portion of memory per request from a connected client or server.\nNote that the disclosed portions of memory could potentially include\nsensitive information such as private keys. (CVE-2014-0160)\n\nIt was discovered that OpenSSL leaked timing information when decrypting\nTLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites\nwere used. A remote attacker could possibly use this flaw to retrieve plain\ntext from the encrypted packets by using a TLS/SSL or DTLS server as a\npadding oracle. (CVE-2013-0169)\n\nA NULL pointer dereference flaw was found in the way OpenSSL handled\nTLS/SSL protocol handshake packets. A specially crafted handshake packet\ncould cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353)\n\nIt was discovered that the TLS/SSL protocol could leak information about\nplain text when optional compression was used. An attacker able to control\npart of the plain text sent over an encrypted TLS/SSL connection could\npossibly use this flaw to recover other portions of the plain text.\n(CVE-2012-4929)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0160. Upstream acknowledges Neel Mehta of Google Security as the\noriginal reporter.\n\nThe updated mingw-virt-viewer Windows SPICE client further includes OpenSSL\nsecurity fixes that have no security impact on mingw-virt-viewer itself.\nThe security fixes included in this update address the following CVE\nnumbers:\n\nCVE-2013-6449, CVE-2013-6450, CVE-2012-2686, and CVE-2013-0166\n\nAll Red Hat Enterprise Virtualization Manager users are advised to upgrade\nto these updated packages, which address these issues.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0416", "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "1049058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049058" }, { "category": "external", "summary": "1084875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0416.json" } ], "title": "Red Hat Security Advisory: rhevm-spice-client security update", "tracking": { "current_release_date": "2024-11-14T14:28:00+00:00", "generator": { "date": "2024-11-14T14:28:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.0" } }, "id": "RHSA-2014:0416", "initial_release_date": "2014-04-17T12:23:34+00:00", "revision_history": [ { "date": "2014-04-17T12:23:34+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-04-17T12:23:34+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T14:28:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEV-M 3.3", "product": { "name": "RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhev_manager:3" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x86-msi@3.3-12.el6_5?arch=noarch" } } }, { "category": "product_version", "name": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x86-cab@3.3-12.el6_5?arch=noarch" } } }, { "category": "product_version", "name": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x64-msi@3.3-12.el6_5?arch=noarch" } } }, { "category": "product_version", "name": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "product": { "name": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "product_id": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client-x64-cab@3.3-12.el6_5?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "rhevm-spice-client-0:3.3-12.el6_5.src", "product": { "name": "rhevm-spice-client-0:3.3-12.el6_5.src", "product_id": "rhevm-spice-client-0:3.3-12.el6_5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/rhevm-spice-client@3.3-12.el6_5?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-0:3.3-12.el6_5.src as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src" }, "product_reference": "rhevm-spice-client-0:3.3-12.el6_5.src", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" }, { "category": "default_component_of", "full_product_name": { "name": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch as a component of RHEV-M 3.3", "product_id": "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" }, "product_reference": "rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch", "relates_to_product_reference": "6Server-RHEV-S-3.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-4929", "discovery_date": "2012-09-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "857051" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS CRIME attack against HTTPS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4929" }, { "category": "external", "summary": "RHBZ#857051", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857051" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4929", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4929" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4929" } ], "release_date": "2012-09-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS CRIME attack against HTTPS" }, { "cve": "CVE-2013-0169", "discovery_date": "2013-02-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "907589" } ], "notes": [ { "category": "description", "text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "SSL/TLS: CBC padding timing attack (lucky-13)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0169" }, { "category": "external", "summary": "RHBZ#907589", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" }, { "category": "external", "summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released" } ], "release_date": "2013-02-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" }, { "category": "workaround", "details": "On OpenShift Container Platform 3.11 it\u0027s possible to edit the list of cipher suites offered by the router when performing \u0027edge\u0027, or \u0027re-encrypt\u0027 TLS modes. Please follow the documentation [1], and [2] to remove the vulnerable CBC ciphers use the modern, or intermediate cipher suites outlined by Mozilla instead [3]. In \u0027passthrough\u0027 mode TLS termination occurs in the application so that is another way to mitigate the vulnerability.\n[1] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#obtaining-router-configuration-template\n[2] https://docs.openshift.com/container-platform/3.11/install_config/router/customized_haproxy_router.html#using-configmap-replace-template\n[3] https://wiki.mozilla.org/Security/Server_Side_TLS", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "SSL/TLS: CBC padding timing attack (lucky-13)" }, { "cve": "CVE-2013-4353", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2014-01-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1049058" } ], "notes": [ { "category": "description", "text": "The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: client NULL dereference crash on malformed handshake packets", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 5 and earlier.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4353" }, { "category": "external", "summary": "RHBZ#1049058", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1049058" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4353", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4353" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4353", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4353" } ], "release_date": "2014-01-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "openssl: client NULL dereference crash on malformed handshake packets" }, { "acknowledgments": [ { "names": [ "OpenSSL project" ] }, { "names": [ "Neel Mehta" ], "organization": "Google Security", "summary": "Acknowledged by upstream." } ], "cve": "CVE-2014-0160", "cwe": { "id": "CWE-201", "name": "Insertion of Sensitive Information Into Sent Data" }, "discovery_date": "2014-04-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1084875" } ], "notes": [ { "category": "description", "text": "An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys.", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: information disclosure in handling of TLS heartbeat extension packets", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of openssl as shipped with Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6.4 and earlier, Red Hat JBoss Enterprise Application Platform 5 and 6, and Red Hat JBoss Web Server 1 and 2. This issue does affect Red Hat Enterprise Linux 7 Beta, Red Hat Enterprise Linux 6.5, Red Hat Enterprise Virtualization Hypervisor 6.5, and Red Hat Storage 2.1, which provided openssl 1.0.1e. Errata have been released to correct this issue.\n\nAdditional information can be found in the Red Hat Knowledgebase article: https://access.redhat.com/site/announcements/781953", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0160" }, { "category": "external", "summary": "RHBZ#1084875", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1084875" }, { "category": "external", "summary": "RHSB-heartbleed", "url": "https://access.redhat.com/security/vulnerabilities/heartbleed" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0160", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0160" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20140407.txt", "url": "http://www.openssl.org/news/secadv_20140407.txt" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2014-04-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-04-17T12:23:34+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0416" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-RHEV-S-3.3:rhevm-spice-client-0:3.3-12.el6_5.src", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x64-msi-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-cab-0:3.3-12.el6_5.noarch", "6Server-RHEV-S-3.3:rhevm-spice-client-x86-msi-0:3.3-12.el6_5.noarch" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-05-04T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Important" } ], "title": "openssl: information disclosure in handling of TLS heartbeat extension packets" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.