What is the severity of USN-7018-1?

USN-7018-1 is considered a significant vulnerability due to the potential for remote attackers to eavesdrop on encrypted communications.

How do I fix USN-7018-1?

To resolve USN-7018-1, update to the patched version 1.0.1f-1ubuntu2.27+esm10 for both libssl1.0.0 and openssl on Ubuntu 14.04.

What products are affected by USN-7018-1?

USN-7018-1 affects Ubuntu 14.04 installations using libssl1.0.0 and openssl with specific versions prior to the update.

What type of vulnerability is USN-7018-1?

USN-7018-1 is a cryptographic vulnerability related to insecure Diffie-Hellman ciphersuites in the TLS specification.

Can USN-7018-1 be exploited remotely?

Yes, USN-7018-1 can be exploited by remote attackers to compromise encrypted communications.

Vulnerability/
USN-7018-1

18/9/2024

12/5/2025

USN-7018-1: OpenSSL vulnerabilities

First published: Wed Sep 18 2024(Updated: )

Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites from OpenSSL. (CVE-2020-1968) Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2021-23840) Elison Niven discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. (CVE-2022-1292) Chancen and Daniel Fiala discovered that OpenSSL incorrectly handled the c_rehash script. A local attacker could possibly use this issue to execute arbitrary commands when c_rehash is run. (CVE-2022-2068) It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-3446) Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed PKCS12 files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2024-0727)

Affected Software	Affected Version	How to fix
OpenSSL

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-7018-1?
USN-7018-1 is considered a significant vulnerability due to the potential for remote attackers to eavesdrop on encrypted communications.
How do I fix USN-7018-1?
To resolve USN-7018-1, update to the patched version 1.0.1f-1ubuntu2.27+esm10 for both libssl1.0.0 and openssl on Ubuntu 14.04.
What products are affected by USN-7018-1?
USN-7018-1 affects Ubuntu 14.04 installations using libssl1.0.0 and openssl with specific versions prior to the update.
What type of vulnerability is USN-7018-1?
USN-7018-1 is a cryptographic vulnerability related to insecure Diffie-Hellman ciphersuites in the TLS specification.
Can USN-7018-1 be exploited remotely?
Yes, USN-7018-1 can be exploited by remote attackers to compromise encrypted communications.

agent/severity
agent/last-modified-date
agent/title
agent/first-publish-date
agent/type
agent/description
agent/trending
agent/source
collector/usn
source/Ubuntu
agent/event
agent/references
agent/softwarecombine
agent/guess-ai
agent/software-canonical-lookup
agent/tags
vendor/openssl
canonical/openssl