Wind River Support Network

Description

OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than for the handshake body, related to the dtls1_get_record function in d1_pkt.c and the ssl3_read_n function in s3_pkt.c.<a href=http://cwe.mitre.org/data/definitions/476.html>CWE-476: NULL Pointer Dereference</a>

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3571

Other Downloads

• Wind River Linux 7.0.0.14
• Wind River Linux 7.0.0.15
• Wind River Linux 7.0.0.16
• Wind River Linux 7.0.0.17
• Wind River Linux 7.0.0.18
• Wind River Linux 7.0.0.19
• Wind River Linux 7.0.0.20
• Wind River Linux 7.0.0.21
• Wind River Linux 7.0.0.22
• Wind River Linux 7.0.0.23
• Wind River Linux 7.0.0.24
• Wind River Linux 7.0.0.25
• Wind River Linux 7.0.0.26
• Wind River Linux 7.0.0.27
• Wind River Linux 7.0.0.28
• Wind River Linux 7.0.0.29
• Wind River Linux 7.0.0.30
• Wind River Linux 7.0.0.31

CVEs

• CVE-2014-3571