Description
In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Books Gallery Unspecified Vulnerability (4.4.1)
Apache Tomcat Improper Certificate Validation Vulnerability (CVE-2018-8034)
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9417)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9735)