CVE

CVE-2016-6309 (openssl)

CVE-2016-6309 (openssl)

statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session.

Source: CVE-2016-6309 (openssl)

Exit mobile version