Emilia Kã¤Sper

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions 1.0.1 through 1.0.1s OpenSSL versions 1.0.2 through 1.0.2g **Description** The issue is related to errors in resource management in the SRP VBASE get by user function implementation in OpenSSL. It allows a remote attacker to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt. This can lead to a memory leak, potentially causing the service to become unresponsive. Additionally, there is a mention of a side-channel attack that could lead to the recovery of RSA keys, but details are not provided. **Recommendations** For OpenSSL versions 1.0.1 through 1.0.1s, update to version 1.0.1s or later to resolve the issue. For OpenSSL versions 1.0.2 through 1.0.2g, update to version 1.0.2g or later to resolve the issue. As a temporary workaround, consider restricting access to the SRP VBASE get by user function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions 0.9.8 before 0.9.8zg OpenSSL versions 1.0.0 before 1.0.0s OpenSSL versions 1.0.1 before 1.0.1n OpenSSL versions 1.0.2 before 1.0.2b **Description** The issue is related to a race condition in the `ssl3 get new session ticket` function, which can be exploited by remote attackers to cause a denial of service (double free and application crash) or possibly have other unspecified impacts. This occurs when a NewSessionTicket is provided during an attempt to reuse a ticket that had been obtained earlier, specifically in multi-threaded client scenarios. The vulnerability is associated with errors in accessing shared resources. **Recommendations** For OpenSSL versions 0.9.8 before 0.9.8zg, update to version 0.9.8zg or later. For OpenSSL versions 1.0.0 before 1.0.0s, update to version 1.0.0s or later. For OpenSSL versions 1.0.1 before 1.0.1n, update to version 1.0.1n or later. For OpenSSL versions 1.0.2 before 1.0.2b, update to version 1.0.2b or later. As a temporary workaround, consider restricting access to the `ssl3 get new session ticket` function to minimize the risk of exploitation.