Heartbleed (CVE-2014-0160)

Heartbleed is a memory-disclosure vulnerability in OpenSSL's TLS heartbeat extension that leaked up to 64KB of server memory per request.

Definition

Heartbleed (CVE-2014-0160) is a buffer over-read in OpenSSL's implementation of the TLS heartbeat extension (RFC 6520). A malformed heartbeat request specified a payload length larger than the actual payload; OpenSSL trusted the length field and copied that many bytes back to the client — which now received up to 64KB of whatever OpenSSL had in adjacent memory. The leaked memory included session keys, server private keys, password hashes, and request bodies from concurrent users.

The bug was disclosed in April 2014. It affected an enormous fraction of the public internet's HTTPS infrastructure — any version of OpenSSL from 1.0.1 through 1.0.1f. The remediation effort included not just patching OpenSSL but rotating every TLS certificate and revoking the old ones, because there was no way to know whether private keys had been exfiltrated.

Impact

Massive credential and private-key disclosure across the public internet.

Mitigation

Patch OpenSSL to 1.0.1g or later. Rotate every TLS certificate issued prior to the patch. Revoke prior certificates.

See also

References