CVE-2014-9424

Published: Dec 29, 2014

Modified: Sep 16, 2024

PUBLISHED

Description

Double free vulnerability in the ssl_parse_clienthello_use_srtp_ext function in d1_srtp.c in LibreSSL before 2.1.2 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a certain length-verification error during processing of a DTLS handshake.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/robertbachmann/openbsd-libssl/commit/62a110d447bb8c16a4c69629e28a42e8c39fd7e0

x_refsource_CONFIRM

https://code.google.com/p/google-security-research/issues/detail?id=202

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-9424

Description

Affected Products

References