Description
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2007-0289)
Jboss EAP CVE-2023-3223 Vulnerability (CVE-2023-3223)
WordPress Plugin WP Fastest Cache Arbitrary File Deletion (0.8.9.0)
MySQL CVE-2019-2739 Vulnerability (CVE-2019-2739)
Mailman Insufficiently Protected Credentials Vulnerability (CVE-2021-43332)