Description
Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.
Remediation
References
Related Vulnerabilities
WordPress Plugin History Collection Arbitrary File Download (1.1.1)
WordPress Plugin uTubeVideo Gallery Unspecified Vulnerability (2.0.4)
WordPress Plugin W3 Total Cache Backdoor (0.9.2.2)
Microsoft SQL Server Other Vulnerability (CVE-2001-0344)
WordPress Plugin Simple File Downloader Cross-Site Scripting (1.0.4)