CVE-2011-4619

Description

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

How to fix CVE-2011-4619

To remediate CVE-2011-4619, upgrade the affected package to a fixed version below.

• Debian/openssl—upgrade to 1.0.0h-1 or later

Is CVE-2011-4619 being exploited?

Low — EPSS is 3.2%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.0.0h-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2011-4619