colinardo
Goto Top

OpenSSL version 3.0.4 affected by serious security vulnerability

Admins/users running OpenSSL version 3.0.4 dated June 21, 2022 should update their systems to version 3.0.5 as soon as possible. The vulnerability allows remote code execution to execute foreign code on the affected systems.
The above mentioned version is affected on systems that support the AVX512IFMA CPU extensions and occurs in connection with RSA 2048bit private keys. OpenSSL branches 1.1.1 and 1.0.2 are not affected.

OpenSSL Security Advisory [5 July 2022]

Regards
@colinardo

Content-Key: 3268441470

Url: https://administrator.de/contentid/3268441470

Printed on: December 4, 2022 at 00:12 o'clock