CVE-2015-3195: Infoleak
First published: Thu Dec 03 2015(Updated: )
A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/openssl | <0.9.8 | 0.9.8 |
| redhat/openssl | <1.0.0 | 1.0.0 |
| redhat/openssl | <1.0.2 | 1.0.2 |
| redhat/openssl | <0:0.9.8e-37.el5_11 | 0:0.9.8e-37.el5_11 |
| redhat/openssl | <0:1.0.1e-42.el6_7.1 | 0:1.0.1e-42.el6_7.1 |
| redhat/openssl | <1:1.0.1e-51.el7_2.1 | 1:1.0.1e-51.el7_2.1 |
| Apple iOS and macOS | <10.11.4 | |
| Oracle API Gateway | =11.1.2.3.0 | |
| Oracle API Gateway | =11.1.2.4.0 | |
| Oracle WebRTC Session Controller | =7.0 | |
| Oracle WebRTC Session Controller | =7.1 | |
| Oracle WebRTC Session Controller | =7.2 | |
| Oracle Exalogic Infrastructure | =1.0 | |
| Oracle Exalogic Infrastructure | =2.0 | |
| Oracle HTTP Server | =11.5.10.2 | |
| Oracle Life Sciences Data Hub | =2.1 | |
| Oracle Sun Ray Software | =11.1 | |
| Oracle Transportation Execution | =6.1 | |
| Oracle Transportation Execution | =6.2 | |
| Oracle VM Server | =3.2 | |
| Oracle VirtualBox | <4.3.36 | |
| Oracle VirtualBox | >=5.0.0<5.0.14 | |
| Oracle Integrated Lights Out Manager | >=3.0<=4.0.4 | |
| Oracle Linux | =5 | |
| Oracle Linux | =6 | |
| Oracle Linux | =7 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =10 | |
| Oracle Solaris and Zettabyte File System (ZFS) | =11.3 | |
| OpenSSL | <0.9.8zh | |
| OpenSSL | >=1.0.0<1.0.0t | |
| OpenSSL | >=1.0.1<1.0.1q | |
| OpenSSL | >=1.0.2<1.0.2e | |
| Red Hat Enterprise Linux Desktop | =5.0 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server | =5.0 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =7.7 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =7.7 | |
| Red Hat Enterprise Linux Workstation | =5.0 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.04 | |
| Ubuntu | =15.10 | |
| Debian | =7.0 | |
| Debian | =8.0 | |
| SUSE Linux | =42.1 | |
| SUSE Linux | =11.4 | |
| SUSE Linux | =13.1 | |
| SUSE Linux | =13.2 | |
| SUSE Linux Enterprise Server | =10-sp4 | |
| Fedora | =22 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://openssl.org/news/secadv/20151203.txt
- https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d
- https://git.openssl.org/?p=openssl.git;a=commit;h=b29ffa392e839d05171206523e84909146f7a77c
- https://git.openssl.org/?p=openssl.git;a=commit;h=cf432b3b1bd7caa22943b41b94ec2472ae497dc6
- https://git.openssl.org/?p=openssl.git;a=commit;h=2cdafc51f008e65b2d5263a80ad0e89e9b56c8d3
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1290334
- https://rhn.redhat.com/errata/RHSA-2015-2616.html
- https://rhn.redhat.com/errata/RHSA-2015-2617.html
- https://access.redhat.com/security/cve/CVE-2015-3195
- https://rhn.redhat.com/errata/RHSA-2016-2056.html
- https://rhn.redhat.com/errata/RHSA-2016-2054.html
- https://rhn.redhat.com/errata/RHSA-2016-2055.html
- https://rhn.redhat.com/errata/RHSA-2016-2957.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1288322
- https://www.cve.org/CVERecord?id=CVE-2015-3195 https://nvd.nist.gov/vuln/detail/CVE-2015-3195 https://openssl.org/news/secadv/20151203.txt
- https://access.redhat.com/errata/RHSA-2015:2616
- https://access.redhat.com/errata/RHSA-2015:2617
- https://access.redhat.com/errata/RHSA-2016:2957
- https://access.redhat.com/errata/RHSA-2016:2056
- http://fortiguard.com/advisory/openssl-advisory-december-2015
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173801.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00070.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00071.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00087.html
- http://lists.opensuse.org/opensuse-updates/2015-12/msg00103.html
- http://marc.info/?l=bugtraq&m=145382583417444&w=2
- http://openssl.org/news/secadv/20151203.txt
- http://rhn.redhat.com/errata/RHSA-2015-2616.html
- http://rhn.redhat.com/errata/RHSA-2015-2617.html
- http://rhn.redhat.com/errata/RHSA-2016-2056.html
- http://rhn.redhat.com/errata/RHSA-2016-2957.html
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl
- http://www.debian.org/security/2015/dsa-3413
- http://www.fortiguard.com/advisory/openssl-advisory-december-2015
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/78626
- http://www.securityfocus.com/bid/91787
- http://www.securitytracker.com/id/1034294
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.754583
- http://www.ubuntu.com/usn/USN-2830-1
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944173
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131085
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05398322
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40100
- https://support.apple.com/HT206167
- https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=cc598f321fbac9c04da5766243ed55d55948637d
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2015-3195?
CVE-2015-3195 has been classified as a high-severity vulnerability due to its potential to cause excessive memory usage and crashes.
How do I fix CVE-2015-3195?
To remediate CVE-2015-3195, upgrade OpenSSL to version 0.9.8zh, 1.0.0t or later, or apply the appropriate vendor-specific patches if using affected versions.
Which versions of OpenSSL are affected by CVE-2015-3195?
CVE-2015-3195 affects OpenSSL versions up to and including 1.0.2 and 1.0.0, as well as 0.9.8.
Can CVE-2015-3195 be exploited remotely?
Yes, a remote attacker could exploit CVE-2015-3195 by sending specially crafted PKCS#7 or CMS data.
What type of applications are vulnerable to CVE-2015-3195?
Applications that parse PKCS#7 or CMS data from untrusted sources are vulnerable to CVE-2015-3195.
- collector/redhat-bugzilla
- alias/CVE-2015-3195
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/apple
- canonical/apple ios and macos
- vendor/oracle
- canonical/oracle api gateway
- version/oracle api gateway/11.1.2.3.0
- version/oracle api gateway/11.1.2.4.0
- canonical/oracle webrtc session controller
- version/oracle webrtc session controller/7.0
- version/oracle webrtc session controller/7.1
- version/oracle webrtc session controller/7.2
- canonical/oracle exalogic infrastructure
- version/oracle exalogic infrastructure/1.0
- version/oracle exalogic infrastructure/2.0
- canonical/oracle http server
- version/oracle http server/11.5.10.2
- canonical/oracle life sciences data hub
- version/oracle life sciences data hub/2.1
- canonical/oracle sun ray software
- version/oracle sun ray software/11.1
- canonical/oracle transportation execution
- version/oracle transportation execution/6.1
- version/oracle transportation execution/6.2
- canonical/oracle vm server
- version/oracle vm server/3.2
- canonical/oracle virtualbox
- version/oracle virtualbox/5.0.0
- canonical/oracle integrated lights out manager
- version/oracle integrated lights out manager/3.0
- version/oracle integrated lights out manager/4.0.4
- canonical/oracle linux
- version/oracle linux/5
- version/oracle linux/6
- version/oracle linux/7
- canonical/oracle solaris and zettabyte file system (zfs)
- version/oracle solaris and zettabyte file system (zfs)/10
- version/oracle solaris and zettabyte file system (zfs)/11.3
- vendor/openssl
- canonical/openssl
- version/openssl/1.0.0
- version/openssl/1.0.1
- version/openssl/1.0.2
- vendor/redhat
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/5.0
- version/red hat enterprise linux desktop/6.0
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/5.0
- version/red hat enterprise linux server/6.0
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/7.2
- version/red hat enterprise linux server/7.3
- version/red hat enterprise linux server/7.4
- version/red hat enterprise linux server/7.6
- version/red hat enterprise linux server/7.7
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/5.0
- version/red hat enterprise linux workstation/6.0
- version/red hat enterprise linux workstation/7.0
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.04
- version/ubuntu/15.10
- vendor/debian
- canonical/debian
- version/debian/7.0
- version/debian/8.0
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.1
- version/suse linux/11.4
- version/suse linux/13.1
- version/suse linux/13.2
- vendor/suse
- canonical/suse linux enterprise server
- version/suse linux enterprise server/10-sp4
- vendor/fedoraproject
- canonical/fedora
- version/fedora/22