← Back to CVEs
CVE-2014-0198
N/ADescription
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors that trigger an alert condition.
CVE Details
CVSS v3.1 ScoreN/A
Published5/6/2014
Last Modified4/12/2025
Sourcenvd
Honeypot Sightings0
Affected Products
debian:debian_linuxfedoraproject:fedoramariadb:mariadbopenssl:opensslopensuse:opensusesuse:linux_enterprise_desktopsuse:linux_enterprise_serversuse:linux_enterprise_software_development_kitsuse:linux_enterprise_workstation_extension
Weaknesses (CWE)
CWE-476
References
http://advisories.mageia.org/MGASA-2014-0204.html(secalert@redhat.com)
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc(secalert@redhat.com)
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629(secalert@redhat.com)
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html(secalert@redhat.com)
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html(secalert@redhat.com)
http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140389274407904&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140389355508263&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140431828824371&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140448122410568&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140544599631400&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140621259019789&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140752315422991&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=140904544427729&w=2(secalert@redhat.com)
http://marc.info/?l=bugtraq&m=141658880509699&w=2(secalert@redhat.com)
http://puppetlabs.com/security/cve/cve-2014-0198(secalert@redhat.com)
http://seclists.org/fulldisclosure/2014/Dec/23(secalert@redhat.com)
http://secunia.com/advisories/58337(secalert@redhat.com)
http://secunia.com/advisories/58667(secalert@redhat.com)
http://secunia.com/advisories/58713(secalert@redhat.com)
http://secunia.com/advisories/58714(secalert@redhat.com)
http://secunia.com/advisories/58939(secalert@redhat.com)
http://secunia.com/advisories/58945(secalert@redhat.com)
http://secunia.com/advisories/58977(secalert@redhat.com)
http://secunia.com/advisories/59126(secalert@redhat.com)
http://secunia.com/advisories/59162(secalert@redhat.com)
http://secunia.com/advisories/59163(secalert@redhat.com)
http://secunia.com/advisories/59190(secalert@redhat.com)
http://secunia.com/advisories/59202(secalert@redhat.com)
http://secunia.com/advisories/59264(secalert@redhat.com)
http://secunia.com/advisories/59282(secalert@redhat.com)
http://secunia.com/advisories/59284(secalert@redhat.com)
http://secunia.com/advisories/59287(secalert@redhat.com)
http://secunia.com/advisories/59300(secalert@redhat.com)
http://secunia.com/advisories/59301(secalert@redhat.com)
http://secunia.com/advisories/59306(secalert@redhat.com)
http://secunia.com/advisories/59310(secalert@redhat.com)
http://secunia.com/advisories/59342(secalert@redhat.com)
http://secunia.com/advisories/59374(secalert@redhat.com)
http://secunia.com/advisories/59398(secalert@redhat.com)
http://secunia.com/advisories/59413(secalert@redhat.com)
http://secunia.com/advisories/59437(secalert@redhat.com)
http://secunia.com/advisories/59438(secalert@redhat.com)
http://secunia.com/advisories/59440(secalert@redhat.com)
http://secunia.com/advisories/59449(secalert@redhat.com)
http://secunia.com/advisories/59450(secalert@redhat.com)
http://secunia.com/advisories/59490(secalert@redhat.com)
http://secunia.com/advisories/59491(secalert@redhat.com)
http://secunia.com/advisories/59514(secalert@redhat.com)
http://secunia.com/advisories/59525(secalert@redhat.com)
http://secunia.com/advisories/59529(secalert@redhat.com)
http://secunia.com/advisories/59655(secalert@redhat.com)
http://secunia.com/advisories/59666(secalert@redhat.com)
http://secunia.com/advisories/59669(secalert@redhat.com)
http://secunia.com/advisories/59721(secalert@redhat.com)
http://secunia.com/advisories/59784(secalert@redhat.com)
http://secunia.com/advisories/59990(secalert@redhat.com)
http://secunia.com/advisories/60049(secalert@redhat.com)
http://secunia.com/advisories/60066(secalert@redhat.com)
http://secunia.com/advisories/60571(secalert@redhat.com)
http://secunia.com/advisories/61254(secalert@redhat.com)
http://security.gentoo.org/glsa/glsa-201407-05.xml(secalert@redhat.com)
http://support.citrix.com/article/CTX140876(secalert@redhat.com)
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html(secalert@redhat.com)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21673137(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21676035(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21676062(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21676419(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21676529(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21676655(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21676879(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21676889(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21677527(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21677695(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21677828(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21677836(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21678167(secalert@redhat.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21683332(secalert@redhat.com)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754(secalert@redhat.com)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755(secalert@redhat.com)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756(secalert@redhat.com)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757(secalert@redhat.com)
http://www.blackberry.com/btsc/KB36051(secalert@redhat.com)
http://www.debian.org/security/2014/dsa-2931(secalert@redhat.com)
http://www.fortiguard.com/advisory/FG-IR-14-018/(secalert@redhat.com)
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm(secalert@redhat.com)
http://www.ibm.com/support/docview.wss?uid=swg21676356(secalert@redhat.com)
http://www.ibm.com/support/docview.wss?uid=swg24037783(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2014:080(secalert@redhat.com)
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062(secalert@redhat.com)
http://www.openbsd.org/errata55.html#005_openssl(secalert@redhat.com)
http://www.openssl.org/news/secadv_20140605.txt(secalert@redhat.com)
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html(secalert@redhat.com)
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html(secalert@redhat.com)
http://www.securityfocus.com/archive/1/534161/100/0/threaded(secalert@redhat.com)
http://www.securityfocus.com/bid/67193(secalert@redhat.com)
http://www.vmware.com/security/advisories/VMSA-2014-0006.html(secalert@redhat.com)
http://www.vmware.com/security/advisories/VMSA-2014-0012.html(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1093837(secalert@redhat.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf(secalert@redhat.com)
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946(secalert@redhat.com)
https://kb.bluecoat.com/index?page=content&id=SA80(secalert@redhat.com)
https://kc.mcafee.com/corporate/index?page=content&id=SB10075(secalert@redhat.com)
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321(secalert@redhat.com)
https://www.novell.com/support/kb/doc.php?id=7015271(secalert@redhat.com)
http://advisories.mageia.org/MGASA-2014-0204.html(af854a3a-2127-422b-91ae-364da2661108)
http://aix.software.ibm.com/aix/efixes/security/openssl_advisory9.asc(af854a3a-2127-422b-91ae-364da2661108)
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629(af854a3a-2127-422b-91ae-364da2661108)
http://kb.juniper.net/InfoCenter/index?page=content&id=KB29195(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136470.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2014-05/msg00036.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2014-05/msg00037.html(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140389274407904&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140389355508263&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140431828824371&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140448122410568&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140544599631400&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140621259019789&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140752315422991&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=140904544427729&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=141658880509699&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://puppetlabs.com/security/cve/cve-2014-0198(af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2014/Dec/23(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58337(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58667(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58713(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58714(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58939(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58945(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/58977(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59126(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59162(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59163(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59190(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59202(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59264(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59282(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59284(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59287(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59300(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59301(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59306(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59310(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59342(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59374(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59398(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59413(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59437(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59438(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59440(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59449(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59450(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59490(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59491(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59514(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59525(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59529(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59655(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59666(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59669(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59721(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59784(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/59990(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60049(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60066(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/60571(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/61254(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201407-05.xml(af854a3a-2127-422b-91ae-364da2661108)
http://support.citrix.com/article/CTX140876(af854a3a-2127-422b-91ae-364da2661108)
http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15329.html(af854a3a-2127-422b-91ae-364da2661108)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=nas8N1020163(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21673137(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21676035(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21676062(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21676419(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21676529(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21676655(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21676879(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21676889(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21677527(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21677695(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21677828(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21677836(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21678167(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21683332(af854a3a-2127-422b-91ae-364da2661108)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095754(af854a3a-2127-422b-91ae-364da2661108)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095755(af854a3a-2127-422b-91ae-364da2661108)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095756(af854a3a-2127-422b-91ae-364da2661108)
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095757(af854a3a-2127-422b-91ae-364da2661108)
http://www.blackberry.com/btsc/KB36051(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2014/dsa-2931(af854a3a-2127-422b-91ae-364da2661108)
http://www.fortiguard.com/advisory/FG-IR-14-018/(af854a3a-2127-422b-91ae-364da2661108)
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=swg21676356(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=swg24037783(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2014:080(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062(af854a3a-2127-422b-91ae-364da2661108)
http://www.openbsd.org/errata55.html#005_openssl(af854a3a-2127-422b-91ae-364da2661108)
http://www.openssl.org/news/secadv_20140605.txt(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/534161/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/67193(af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/security/advisories/VMSA-2014-0006.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/security/advisories/VMSA-2014-0012.html(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1093837(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-234763.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946(af854a3a-2127-422b-91ae-364da2661108)
https://kb.bluecoat.com/index?page=content&id=SA80(af854a3a-2127-422b-91ae-364da2661108)
https://kc.mcafee.com/corporate/index?page=content&id=SB10075(af854a3a-2127-422b-91ae-364da2661108)
https://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3321(af854a3a-2127-422b-91ae-364da2661108)
https://www.novell.com/support/kb/doc.php?id=7015271(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.