OpenSSL DTLS infinite recursion stack overflow (CVE-2014-0221)

Description: OpenSSL version 1.0.1g and earlier - as well as all software that integrates these versions of OpenSSL - are vulnerable to stack overflow caused by infinite recursion in the code establishing DTLS client connection, allowing remote attackers to perform denial of service. The vulnerable code is located before the SSL handshake takes place, but it might be triggered after the handshake as well.

Affected software products:
- OpenSSL up to and including 1.0.1g
- OpenSSL up to and including 1.0.0l
- OpenSSL up to and including 0.9.8y

A malicious DTLS server is able to construct DTLS packets which result segmentation fault on the client side caused by infinite recursion exhausting the memory area reserved for the stack.

Specifically, the dtls1_get_message_fragment() function receives Hello Requests as a client, it reinvokes itself without any limitation on the depth.

An attacker might cause the DTLS application on the client side to crash with segmentation fault error. If no watchdog service secures the operation there, the service would be permanently down until manual restart.

This vulnerability has been fixed in the latest (1.0.1h, 1.0.0m, 0.9.8z) version of OpenSSL [2]. All developers using DTLS functions of OpenSSL code are recommended to upgrade to the mentioned versions.

This vulnerability was discovered and researched Imre Rad from SEARCH-LAB Ltd. (