Description
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed DSA private key.
Related Vulnerabilities
Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2025-31651)
Oracle Database Server Cryptographic Issues Vulnerability (CVE-2006-0270)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2026-27100)
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-3143)