Actions
Bug #3853
closedMulti-byte Heap buffer over-read in ssl parser
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport, Needs backport to 4.1, Needs backport to 5.0
Description
Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24534
Problem is reuse of session_id_length
in different contexts : SSLv2 and TLSv1.3
Updated by Victor Julien about 4 years ago
- Target version changed from 6.0.0rc1 to 6.0.0
- Affected Versions 6.0.0rc1 added
Updated by Jeff Lucovsky about 4 years ago
- Copied to Bug #3941: Multi-byte Heap buffer over-read in ssl parser added
Updated by Jeff Lucovsky about 4 years ago
- Copied to Bug #3942: Multi-byte Heap buffer over-read in ssl parser added
Updated by Victor Julien almost 4 years ago
- Status changed from In Review to Closed
Actions