Resolution for Openssl Security Vulnerability in Mar 2018(CVE-2017-3738, CVE-2018-0733, CVE-2018-0739)

Solution Verified - Updated -

Issue

  • CVE-2017-3738: openssl: rsaz_1024_mul_avx2 overflow bug on x86_64.
  • CVE-2018-0733: openssl: Implementation bug in PA-RISC CRYPTO_memcmp function allows attackers to forge authenticated messages in a reduced number of attempts.
  • CVE-2018-0739: CVE-2018-0739 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service.

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In