LibreSSL memory leak vulnerability-vulnerability warning-the black bar safety net

ID MYHACK58:62201568404
Type myhack58
Reporter 佚名
Modified 2015-10-29T00:00:00


Affected system: LibreSSL LibreSSL 2.0.0 - 2.3.0 Description: -------------------------------------------------------------------------------- CVE(CAN) ID: CVE-2 0 1 5-5 3 3 3

LibreSSL is OpenSSL encryption software library a branch, is the Secure Sockets Layer(SSL)and Transport Layer Security(TLS)Protocol in the open-source implementation.

LibreSSL of the OBJ_obj2txt()function in the realization of the presence of memory disclosure vulnerability, a remote attacker could exploit this vulnerability may result in memory exhaustion, causing a denial of service or trigger a buffer overflow.

Recommendations: -------------------------------------------------------------------------------- Manufacturers patch:

LibreSSL \ -------- The current vendors have released an upgrade patch to fix this security issue, please go to the manufacturers home page download: