Description
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
Remediation
References
Related Vulnerabilities
WordPress Plugin Recommend to a friend Cross-Site Scripting (2.0.2)
WordPress Plugin WP Limit Posts Automatically Cross-Site Request Forgery (0.7)
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)
WordPress Plugin Import and export users and customers Multiple Vulnerabilities (1.14.0.2)
WordPress Plugin youForms for WordPress-Creating Forms for CopeCart Cross-Site Scripting (1.0.5)