CVE-2016-2180 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Denial of service
Description	The function TS_OBJ_print_bio() misuses OBJ_obj2txt(): the return value is the total length the OID text representation would use and not the amount of data written. This will result in OOB reads when large OIDs are presented.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-30	lib32-openssl	1:1.0.2.h-1	1:1.0.2.i-1	High	Fixed
AVG-29	openssl	1.0.2.h-1	1.0.2.i-1	High	Fixed	FS#49616

Date	Advisory	Group	Package	Severity	Type
26 Sep 2016	ASA-201609-24	AVG-30	lib32-openssl	High	multiple issues
26 Sep 2016	ASA-201609-23	AVG-29	openssl	High	multiple issues

References
https://www.openssl.org/news/secadv/20160922.txt