Goto Top

OpenSSL version 3.0.4 affected by serious security vulnerability

Admins/users running OpenSSL version 3.0.4 dated June 21, 2022 should update their systems to version 3.0.5 as soon as possible. The vulnerability allows remote code execution to execute foreign code on the affected systems.
The above mentioned version is affected on systems that support the AVX512IFMA CPU extensions and occurs in connection with RSA 2048bit private keys. OpenSSL branches 1.1.1 and 1.0.2 are not affected.

OpenSSL Security Advisory [5 July 2022]


Content-Key: 3268441470


Printed on: May 23, 2024 at 00:05 o'clock