oss-sec mailing list archives

Re: CVE request: openssl: null pointer dereference issue

From: Tomas Hoger <thoger () redhat com>
Date: Tue, 13 Mar 2012 10:02:50 +0100

On Mon, 12 Mar 2012 13:46:07 -0600 Kurt Seifried wrote:

Please use CVE-2012-1165 for this issue.


To clarify, the reply should have looked as:

 -- 8< --

Note that additional similar issue in mime_param_cmp was fixed in
0.9.8u and 1.0.0h as:
  http://cvs.openssl.org/chngview?cn=22252

This can also be triggered by malformed S/MIME message.


Please use CVE-2012-1165 for this issue.

The above commit also corrects an issue with the previous mime_hdr_cmp
fix that could cause the function to return either "less than" or
"greater than" when comparing NULL to non-NULL.  There's no known
security impact of this change, it seems it could cause verification /
decryption to fail when it can succeed. Reported by "bla".


 -- 8< --

to make ti clear that CVE-2012-1165 is for the mime_param_cmp issue
rather than mime_hdr_cmp fix correction.

-- 
Tomas Hoger / Red Hat Security Response Team

Current thread:

CVE request: openssl: null pointer dereference issue Matthias Weckbecker (Feb 27)
- Re: CVE request: openssl: null pointer dereference issue Kurt Seifried (Feb 27)
  - Re: CVE request: openssl: null pointer dereference issue Kurt Seifried (Feb 28)
- Re: CVE request: openssl: null pointer dereference issue Tomas Hoger (Mar 12)
  - Re: CVE request: openssl: null pointer dereference issue Kurt Seifried (Mar 12)
  - Re: CVE request: openssl: null pointer dereference issue Kurt Seifried (Mar 12)
    - Re: CVE request: openssl: null pointer dereference issue Tomas Hoger (Mar 13)