virus logo FortiClient Vulnerability

OpenSSL CVE-2015-1791 Race Condition Vulnerability

description-logoDescription

Severity: LowIf a NewSessionTicket is received by a multi-threaded client when attempting toreuse a previous ticket then a race condition can occur potentially leading toa double free of the ticket data.This issue affects all current OpenSSL versions: 1.0.2, 1.0.1, 1.0.0 and 0.9.8.OpenSSL 1.0.2 users should upgrade to 1.0.2bOpenSSL 1.0.1 users should upgrade to 1.0.1nOpenSSL 1.0.0 users should upgrade to 1.0.0sOpenSSL 0.9.8 users should upgrade to 0.9.8zgThis issue was discovered by Emilia Ksper of the OpenSSL development team. Thefix was developed by Matt Caswell of the OpenSSL development team.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2015-1791

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 39838
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor OpenSSL
Patch manual
Application OpenSSL