OpenSSL CVE-2016-7054 Privilege Escalation Vulnerability
Description
Severity: HighTLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoSattack by corrupting larger payloads. This can result in an OpenSSL crash. Thisissue is not considered to be exploitable beyond a DoS.OpenSSL 1.1.0 users should upgrade to 1.1.0cThis issue does not affect OpenSSL versions prior to 1.1.0This issue was reported to OpenSSL on 25th September 2016 by Robertwas developed by Richard Levitte of the OpenSSL development team.
Affected Applications
OpenSSL