1
Candidate: CVE-2016-6308
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6308
5
https://www.openssl.org/news/secadv/20160922.txt
7
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before
8
1.1.0a allocates memory before checking for an excessive length, which
9
might allow remote attackers to cause a denial of service (memory
10
consumption) via crafted DTLS messages.
13
mdeslaur> only affects 1.1.0
16
Discovered-by: Shi Lei
20
upstream_openssl: needs-triage
21
precise_openssl: not-affected
22
trusty_openssl: not-affected
23
vivid/ubuntu-core_openssl: not-affected
24
vivid/stable-phone-overlay_openssl: not-affected
25
xenial_openssl: not-affected
26
devel_openssl: not-affected
29
upstream_openssl098: needs-triage
30
precise_openssl098: not-affected
31
trusty_openssl098: not-affected
32
vivid/ubuntu-core_openssl098: DNE
33
vivid/stable-phone-overlay_openssl098: DNE
34
xenial_openssl098: DNE