OpenSSL Integer Overflow or Wraparound Vulnerability - CVE-2016-2177

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior related to s3_srvr.c ssl_sess.c and t1_lib.c.