View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2012-2686 severity moderate: SUSE including 123 source package names (compat-openssl098, libopenssl-1_0_0-devel, …), 324 product×package rows across 51 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (51 product lines)): Known Not Affected 165, Fixed 159.
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application crash) via crafted CBC data.