Skip to content
GitLab
Commit 1d2a18dc authored by Matt Caswell's avatar Matt Caswell
Browse files

Multiblock corrupted pointer fix 



OpenSSL 1.0.2 introduced the "multiblock" performance improvement. This
feature only applies on 64 bit x86 architecture platforms that support AES
NI instructions. A defect in the implementation of "multiblock" can cause
OpenSSL's internal write buffer to become incorrectly set to NULL when
using non-blocking IO. Typically, when the user application is using a
socket BIO for writing, this will only result in a failed connection.
However if some other BIO is used then it is likely that a segmentation
fault will be triggered, thus enabling a potential DoS attack.

CVE-2015-0290

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
parent 7ead0c89
Hide whitespace changes
Inline Side-by-side
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment