CVE-2015-5333: High severity macos mojave vulnerability

Q: What is CVE-2015-5333?

CVE-2015-5333 is a vulnerability in LibreSSL that allows remote attackers to cause a denial of service (memory consumption) by exploiting a memory leak in the OBJ_obj2txt function.

Q: What is the severity of CVE-2015-5333?

The severity of CVE-2015-5333 is high, with a severity score of 7.5.

Q: How can I fix CVE-2015-5333 on macOS Mojave?

To fix CVE-2015-5333 on macOS Mojave, update to version 10.14 or later of macOS.

Q: How can I fix CVE-2015-5333 in LibreSSL on OpenBSD?

To fix CVE-2015-5333 in LibreSSL on OpenBSD, update to version 2.3.1 or later of LibreSSL.

Q: How can I fix CVE-2015-5333 in opensuse?

To fix CVE-2015-5333 in opensuse, update to version 13.2 or later of opensuse.

Published Sep 24, 2018

Updated

LibreSSL. Multiple issues were addressed by updating to libressl version 2.6.4.

Other sources

Memory leak in the OBJobj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of service (memory consumption) via a large number of ASN.1 object identifiers in X.509 certificates.

Credit

CVE-2015-3194, CVE-2015-5333, CVE-2015-5334, CVE-2016-0702

Affected Software

3 affected componentsFixes available

Apple macOS Mojave<10.14

10.14

OpenBSD LibreSSL<2.3.1

openSUSE openSUSE=13.2

Event History

Jan 23, 2020

CVE Published

via MITRE·08:12 PM

Data Sourced

via MITRE·08:12 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT209139

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2018-5383
CVE-2018-4295
CVE-2018-4324
CVE-2018-4417
CVE-2018-4353
CVE-2017-12613
CVE-2017-12618
CVE-2018-4411
CVE-2018-4308
CVE-2018-4321
CVE-2018-4126
CVE-2018-4412
CVE-2018-4414
CVE-2018-4347
CVE-2018-4333
CVE-2018-4153
CVE-2018-4406
CVE-2018-4346
CVE-2018-4296
CVE-2018-4433
CVE-2019-8643
CVE-2017-5731
CVE-2017-5732
CVE-2017-5733
CVE-2017-5734
CVE-2017-5735
CVE-2018-4426
CVE-2018-4331
CVE-2018-4332
CVE-2018-4343
CVE-2018-3646
CVE-2018-4355
CVE-2018-4396
CVE-2018-4418
CVE-2018-4351
CVE-2018-4350
CVE-2018-4334
CVE-2018-4451
CVE-2018-4456
CVE-2018-4408
CVE-2018-4341
CVE-2018-4354
CVE-2018-4383
CVE-2018-4401
CVE-2018-4399
CVE-2018-4407
CVE-2018-4336
CVE-2018-4337
CVE-2018-4340
CVE-2018-4344
CVE-2018-4425
CVE-2015-3194
CVE-2015-5333
CVE-2015-5334
CVE-2016-0702
CVE-2018-4348
CVE-2018-4326
CVE-2018-4310
CVE-2018-3639
CVE-2018-4395
CVE-2016-1777
CVE-2018-4393
CVE-2018-4203
CVE-2018-4304
CVE-2018-4338

Frequently Asked Questions

What is CVE-2015-5333?

CVE-2015-5333 is a vulnerability in LibreSSL that allows remote attackers to cause a denial of service (memory consumption) by exploiting a memory leak in the OBJ_obj2txt function.

What is the severity of CVE-2015-5333?