CVE-2015-3196 : ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-thread

ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.

Published 2015-12-06 20:59:07

Updated 2022-12-13 12:15:16

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2015-3196

Probability of exploitation activity in the next 30 days: 3.92%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 91 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2015-3196

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2015-3196

CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-3196

http://www.fortiguard.com/advisory/openssl-advisory-december-2015

FortiGuard
Third Party Advisory

CVEs referencing this url
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

Juniper Networks - 2016-10 Security Bulletin: CTPView: Multiple vulnerabilities in CTPView
Third Party Advisory

CVEs referencing this url
http://marc.info/?l=bugtraq&m=145382583417444&w=2

'[security bulletin] HPSBGN03536 rev.1 - HP IceWall Products running OpenSSL, Remote and Local Denial' - MARC
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

cpuapr2016v3
Patch;Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1034294

OpenSSL Multiple Bugs Let Remote Users Deny Service and Obtain Potentially Sensitive Information - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-2957.html

RHSA-2016:2957 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173

HPSBGN03536 rev.1 - HP IceWall Products running OpenSSL, Remote and Local Denial of Service (DoS)
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html

openSUSE-SU-2015:2289-1: moderate: Security update for openssl
Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2015-2617.html

RHSA-2015:2617 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Oracle Critical Patch Update - October 2017
Patch;Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Oracle Linux Bulletin - October 2015
Third Party Advisory

CVEs referencing this url
http://openssl.org/news/secadv/20151203.txt

Vendor Advisory

CVEs referencing this url
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100

Pulse Security Advisory: SA40100 - [Pulse Secure] December 3rd 2015 OpenSSL Security Advisory
Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

Oracle Solaris Bulletin - January 2016
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html

openSUSE-SU-2015:2288-1: moderate: Security update for OpenSSL
Mailing List;Third Party Advisory

CVEs referencing this url
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322

Sorry
Third Party Advisory

CVEs referencing this url
https://git.openssl.org/?p=openssl.git;a=commit;h=3c66a669dfc7b3792f7af0758ea26fe8502ce70c

git.openssl.org Git - openssl.git/commit
Vendor Advisory
http://www.debian.org/security/2015/dsa-3413

Debian -- Security Information -- DSA-3413-1 openssl
Third Party Advisory

CVEs referencing this url
http://fortiguard.com/advisory/openssl-advisory-december-2015

FortiGuard
Third Party Advisory

CVEs referencing this url
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

CVEs referencing this url
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583

The Slackware Linux Project: Slackware Security Advisories
Third Party Advisory

CVEs referencing this url
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

Juniper Networks - 2016-10 Security Bulletin: OpenSSL security updates
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2830-1

USN-2830-1: OpenSSL vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl

Multiple Vulnerabilities in OpenSSL (December 2015) Affecting Cisco Products
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/78622

OpenSSL CVE-2015-3196 Denial of Service Vulnerability
VDB Entry;Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html

[SECURITY] Fedora 22 Update: openssl-1.0.1k-13.fc22
Mailing List;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2015-3196

HP » Icewall Sso Agent Option » Version: 10.0
cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*
Matching versions
HP » Icewall Sso » Version: 10.0 Certd Edition
cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*
Matching versions
Debian » Debian Linux » Version: 7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Desktop » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Desktop » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 7.3
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 7.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Aus » Version: 7.2
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Eus » Version: 7.3
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Eus » Version: 7.4
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Eus » Version: 7.6
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Eus » Version: 7.2
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Eus » Version: 7.5
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Eus » Version: 6.7
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 7.3
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 7.6
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server Tus » Version: 7.2
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
Matching versions
Oracle » Vm Virtualbox
Versions from including (>=) 5.0.0 and up to, including, (<=) 5.0.13
cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
Matching versions
Oracle » Vm Virtualbox
Versions from including (>=) 4.3.0 and up to, including, (<=) 4.3.35
cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0
cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0a
cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0b
cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1f
cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0g
cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0f
cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0e
cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1c
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1b
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0k
cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0j
cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1e
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1d
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0l
cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0d
cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0c
cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1a
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0i
cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0h
cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1g
cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0m
cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1h
cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1i
cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0n
cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1j
cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0o
cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1l
cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1k
cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0p
cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0q
cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0r
cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1m
cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1n
cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.1o
cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*
Matching versions
Openssl » Openssl » Version: 1.0.0s
cpe:2.3:a:openssl:openssl:1.0.0s:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.04
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.10
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 22
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2015-3196

Exploit prediction scoring system (EPSS) score for CVE-2015-3196

CVSS scores for CVE-2015-3196

CWE ids for CVE-2015-3196

References for CVE-2015-3196

Products affected by CVE-2015-3196