Advisory ID

12766

Release date

2016-09-23

Last Updated

2016-09-23

Issue Severity

None

Source

openssl.org

Release date

2016-09-22

CVSS v2 Base Score

Low (the source gives a qualitative severity rating only; no numeric CVSS v2 score is published)

Problem Description

In a DTLS connection, handshake messages can arrive out of order, and messages that OpenSSL is not yet ready to process are buffered for later use. Under certain circumstances, a flaw in the buffering logic means those messages are not removed from the buffer even after the handshake has completed; they are only freed when the DTLS connection is closed. An attacker can force up to approximately 15 such messages to remain buffered after they are no longer required. With the default maximum message size of 100 KB, that is roughly 1500 KB of additional memory held per connection. By opening many simultaneous connections an attacker could exhaust server memory and cause a denial of service. The issue is specific to DTLS; TLS over TCP receives handshake messages in order and does not use this reassembly buffer.

Impact

None.

Affected Products

None - no Foxt products use the DTLS protocol.
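Exposure to this issue depends on whether a deployment actually links and uses OpenSSL's DTLS code. The following POSIX shell script is an added example, not part of this advisory or of any Foxt product: it scans a directory tree for binaries and libraries that reference the libssl DTLS entry points (the `DTLS*_method` constructors and `DTLSv1_listen`, which are real OpenSSL API names). The directory to scan and the sample files in the comments are assumptions.

```shell
#!/bin/sh
# Added example (not vendor code): locate binaries and shared libraries that
# reference OpenSSL's DTLS API, to check whether a deployment is exposed to a
# DTLS-only issue. The symbol names are the real libssl DTLS entry points;
# the directory to scan (e.g. /opt/vendor) is an assumption.
set -u

DTLS_SYMBOLS='DTLS_method|DTLS_server_method|DTLS_client_method|DTLSv1_method|DTLSv1_server_method|DTLSv1_client_method|DTLSv1_2_method|DTLSv1_2_server_method|DTLSv1_2_client_method|DTLSv1_listen'

# Print the distinct DTLS symbol names found in one file, one per line
# (prints nothing if the file references none of them). -a treats binaries
# as text so ELF files can be searched; LC_ALL=C gives a stable sort order.
dtls_symbols_in() {
    grep -aoE "$DTLS_SYMBOLS" "$1" 2>/dev/null | LC_ALL=C sort -u || true
}

# Walk a directory tree and print "path: symbol,symbol" for every regular
# file that references at least one DTLS symbol. Always returns 0 so it can
# be used under set -e; an empty output means nothing matched.
find_dtls_users() {
    find "$1" -type f -exec grep -alE "$DTLS_SYMBOLS" '{}' + 2>/dev/null |
    while IFS= read -r f; do
        syms=$(dtls_symbols_in "$f" | paste -s -d , -)
        printf '%s: %s\n' "$f" "$syms"
    done
    return 0
}

# Usage (directory is an assumption):
#   find_dtls_users /opt/vendor
```

libssl itself will always match because it defines these symbols; the hits of interest are application binaries and plugins that import them, which a second pass with `nm -D` on each reported file can confirm. A stripped, statically linked binary may not carry the names, so an empty result is evidence rather than proof and is best backed by checking which listening UDP sockets belong to OpenSSL-linked processes.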

Workaround

N/A.

Obtaining Fixed Software

N/A.

External References

OpenSSL Security Advisory

Last Modified On: May 25, 2018