SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  OpenSSL ChaCha20-Poly1305 and RC4-MD5 Integer Underflow 2

Category: WEB-TLS      

An integer underflow vulnerability leading to an out of bounds read has been reported in OpenSSL. This vulnerability is due to the handling of truncated blocks in 32-bit versions of OpenSSL when using the ChaCha20-Poly1305 cipher in OpenSSL 1.1.x and the RC4-MD5 cipher in OpenSSL 1.0.x.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3731


Relevant Information