openssl: NULL dereference validating DSA public keyID: oval:org.secpod.oval:def:87674 | Date: (C)2023-02-21 (M)2024-02-19 |
Class: VULNERABILITY | Family: unix |
A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to check a malformed DSA public key by the EVP_PKEY_public_check() function, most likely leading to an application crash. This function can be called on public keys supplied from untrusted sources, which could allow an attacker to cause a denial of service.
Platform: |
Red Hat Enterprise Linux 9 |