Goto Top

OpenSSL version 3.0.4 affected by serious security vulnerability

Admins/users running OpenSSL version 3.0.4 dated June 21, 2022 should update their systems to version 3.0.5 as soon as possible. The vulnerability allows remote code execution to execute foreign code on the affected systems.
The above mentioned version is affected on systems that support the AVX512IFMA CPU extensions and occurs in connection with RSA 2048bit private keys. OpenSSL branches 1.1.1 and 1.0.2 are not affected.

OpenSSL Security Advisory [5 July 2022]


Content-Key: 3268441470


Printed on: March 27, 2023 at 21:03 o'clock