CVE-2018-1000807

Published: Oct 8, 2018Modified: Nov 21, 2024

8.1

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.2 / Impact: 5.9

Source: NVD

Description

Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. This attack appear to be exploitable via Depends on the calling application and if it retains a reference to the memory.. This vulnerability appears to have been fixed in 17.5.0.

Affected (6)

Products: Pyopenssl: Pyopenssl · Canonical: Ubuntu Linux · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, Openstack

1 product

1 product

4 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Workstation

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Pyopenssl Pyopenssl	Before 17.5.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04

Configuration C

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Workstation	Version 7.0
Redhat Openstack	Version 13

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (10)

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://access.redhat.com/errata/RHSA-2019:0085

Source: cve@mitre.org

Third Party Advisory

https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509

Source: cve@mitre.org

https://github.com/pyca/pyopenssl/pull/723

Source: cve@mitre.org

PatchThird Party Advisory

https://usn.ubuntu.com/3813-1/

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://access.redhat.com/errata/RHSA-2019:0085

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509

Source: af854a3a-2127-422b-91ae-364da2661108

https://github.com/pyca/pyopenssl/pull/723

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://usn.ubuntu.com/3813-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.