vulnerability
SUSE: CVE-2018-0732: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Jun 12, 2018 | Jul 7, 2018 | Feb 4, 2022 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Jun 12, 2018
Added
Jul 7, 2018
Modified
Feb 4, 2022
Description
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
Solution(s)
suse-upgrade-compat-openssl097gsuse-upgrade-compat-openssl097g-32bitsuse-upgrade-firefox-atk-langsuse-upgrade-firefox-gdk-pixbuf-langsuse-upgrade-firefox-gdk-pixbuf-query-loaderssuse-upgrade-firefox-gdk-pixbuf-thumbnailersuse-upgrade-firefox-gio-branding-upstreamsuse-upgrade-firefox-glib2-langsuse-upgrade-firefox-glib2-toolssuse-upgrade-firefox-gtk3-branding-upstreamsuse-upgrade-firefox-gtk3-datasuse-upgrade-firefox-gtk3-immodule-amharicsuse-upgrade-firefox-gtk3-immodule-inuktitutsuse-upgrade-firefox-gtk3-immodule-multipresssuse-upgrade-firefox-gtk3-immodule-thaisuse-upgrade-firefox-gtk3-immodule-vietnamesesuse-upgrade-firefox-gtk3-immodule-ximsuse-upgrade-firefox-gtk3-immodules-tigrignasuse-upgrade-firefox-gtk3-langsuse-upgrade-firefox-gtk3-toolssuse-upgrade-firefox-libatk-1_0-0suse-upgrade-firefox-libcairo-gobject2suse-upgrade-firefox-libcairo2suse-upgrade-firefox-libffi4suse-upgrade-firefox-libffi7suse-upgrade-firefox-libgdk_pixbuf-2_0-0suse-upgrade-firefox-libgtk-3-0suse-upgrade-firefox-libharfbuzz0suse-upgrade-firefox-libpango-1_0-0suse-upgrade-libfirefox-gio-2_0-0suse-upgrade-libfirefox-glib-2_0-0suse-upgrade-libfirefox-gmodule-2_0-0suse-upgrade-libfirefox-gobject-2_0-0suse-upgrade-libfirefox-gthread-2_0-0suse-upgrade-libfreebl3suse-upgrade-libfreebl3-32bitsuse-upgrade-libopenssl-1_0_0-develsuse-upgrade-libopenssl-1_0_0-devel-32bitsuse-upgrade-libopenssl-1_1-develsuse-upgrade-libopenssl-1_1-devel-32bitsuse-upgrade-libopenssl-develsuse-upgrade-libopenssl-devel-32bitsuse-upgrade-libopenssl0_9_8suse-upgrade-libopenssl0_9_8-32bitsuse-upgrade-libopenssl0_9_8-hmacsuse-upgrade-libopenssl0_9_8-hmac-32bitsuse-upgrade-libopenssl0_9_8-x86suse-upgrade-libopenssl1-develsuse-upgrade-libopenssl10suse-upgrade-libopenssl1_0_0suse-upgrade-libopenssl1_0_0-32bitsuse-upgrade-libopenssl1_0_0-hmacsuse-upgrade-libopenssl1_0_0-hmac-32bitsuse-upgrade-libopenssl1_0_0-steamsuse-upgrade-libopenssl1_0_0-steam-32bitsuse-upgrade-libopenssl1_0_0-x86suse-upgrade-libopenssl1_1suse-upgrade-libopenssl1_1-32bitsuse-upgrade-libopenssl1_1-hmacsuse-upgrade-libopenssl1_1-hmac-32bitsuse-upgrade-libsoftokn3suse-upgrade-libsoftokn3-32bitsuse-upgrade-mozilla-nsprsuse-upgrade-mozilla-nspr-32bitsuse-upgrade-mozilla-nspr-develsuse-upgrade-mozilla-nsssuse-upgrade-mozilla-nss-32bitsuse-upgrade-mozilla-nss-certssuse-upgrade-mozilla-nss-certs-32bitsuse-upgrade-mozilla-nss-develsuse-upgrade-mozilla-nss-toolssuse-upgrade-mozillafirefoxsuse-upgrade-mozillafirefox-branding-sledsuse-upgrade-mozillafirefox-translations-commonsuse-upgrade-mozillafirefox-translations-othersuse-upgrade-nodejs10suse-upgrade-nodejs10-develsuse-upgrade-nodejs10-docssuse-upgrade-nodejs4suse-upgrade-nodejs4-develsuse-upgrade-nodejs4-docssuse-upgrade-nodejs6suse-upgrade-nodejs6-develsuse-upgrade-nodejs6-docssuse-upgrade-nodejs8suse-upgrade-nodejs8-develsuse-upgrade-nodejs8-docssuse-upgrade-npm10suse-upgrade-npm4suse-upgrade-npm6suse-upgrade-npm8suse-upgrade-opensslsuse-upgrade-openssl-1_0_0suse-upgrade-openssl-1_0_0-cavssuse-upgrade-openssl-1_0_0-docsuse-upgrade-openssl-1_1suse-upgrade-openssl-1_1-docsuse-upgrade-openssl-docsuse-upgrade-openssl1suse-upgrade-openssl1-docsuse-upgrade-python3-virtualboxsuse-upgrade-virtualboxsuse-upgrade-virtualbox-develsuse-upgrade-virtualbox-guest-desktop-iconssuse-upgrade-virtualbox-guest-kmp-defaultsuse-upgrade-virtualbox-guest-sourcesuse-upgrade-virtualbox-guest-toolssuse-upgrade-virtualbox-guest-x11suse-upgrade-virtualbox-host-kmp-defaultsuse-upgrade-virtualbox-host-sourcesuse-upgrade-virtualbox-qtsuse-upgrade-virtualbox-vncsuse-upgrade-virtualbox-websrv
References
- SUSE-SUSE-SU-2018:1887-1
- SUSE-SUSE-SU-2018:1887-2
- SUSE-SUSE-SU-2018:1968-1
- SUSE-SUSE-SU-2018:2036-1
- SUSE-SUSE-SU-2018:2041-1
- SUSE-SUSE-SU-2018:2207-1
- SUSE-SUSE-SU-2018:2449-1
- SUSE-SUSE-SU-2018:2534-1
- SUSE-SUSE-SU-2018:2545-1
- SUSE-SUSE-SU-2018:2647-1
- SUSE-SUSE-SU-2018:2683-1
- SUSE-SUSE-SU-2018:2796-1
- SUSE-SUSE-SU-2018:2812-1
- SUSE-SUSE-SU-2018:2956-1
- SUSE-SUSE-SU-2018:2965-1
- SUSE-SUSE-SU-2019:14246-1
- SUSE-SUSE-SU-2019:1553-1
- UBUNTU-USN-3692-1
- UBUNTU-USN-3692-2
- DEBIAN-DSA-4348
- DEBIAN-DSA-4355
- NVD-CVE-2018-0732
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.