DSA-2981-1 polarssl -- polarsslID: oval:org.secpod.oval:def:601708 | Date: (C)2014-07-28 (M)2022-10-10 |
Class: PATCH | Family: unix |
A flaw was discovered in PolarSSL, a lightweight crypto and SSL/TLS library, which can be exploited by a remote unauthenticated attacker to mount a denial of service against PolarSSL servers that offer GCM ciphersuites. Potentially clients are affected too if a malicious server decides to execute the denial of service attack against its clients.
Product: |
libpolarssl-dev |
libpolarssl-runtime |