Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat Enterprise Linux OpenSSL‘ssleay_rand_bytes()’函数竞争条件漏洞
Vulnerability Description
OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层(SSL v2/v3)和安全传输层(TLS v1)协议的通用加密库。Red Hat Enterprise Linux(RHEL)是美国红帽(Red Hat)公司维护和发布的一套面向企业用户的Linux操作系统。 RHEL 6版本和7版本中分发的OpenSSL 1.0.1e-25.el7版本源码包中的‘ssleay_rand_bytes’函数中的PRNG锁屏实现过程的Red Hat补丁存在竞争条件漏洞。远程攻击者可通过与多线程服务器建立多个
CVSS Information
N/A
Vulnerability Type
N/A