MGASA-2014-0204

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-0198

Published: 03 May 2014, 16:37

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

03 May 2014, 16:37

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated openssl packages fix CVE-2014-0198 Updated openssl packages fix security vulnerability: A null pointer dereference bug in OpenSSL 1.0.1g and earlier in so_ssl3_write() could possibly allow an attacker to cause generate an SSL alert which would cause OpenSSL to crash, resulting in a denial of service (CVE-2014-0198).

Affected Systems

mageia•openssl
< 1.0.1e-1.8.mga3
mageia•openssl
< 1.0.1e-8.5.mga4

References (4)

https://advisories.mageia.org/MGASA-2014-0204.html
http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/005_openssl.patch.sig
http://openwall.com/lists/oss-security/2014/05/02/6
https://bugs.mageia.org/show_bug.cgi?id=13309