31 matches found
Azure Linux 3.0 Security Update: edk2 / hvloader / openssl (CVE-2024-4741)
The version of edk2 / hvloader / openssl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4741 advisory. - Issue summary: Calling the OpenSSL API function SSLfreebuffers May cause memory to be...
Use After Free with SSL_free_buffers
...
CVE-2024-4741
Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...
CVE-2024-4741
Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...
CVE-2024-4741
Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...
CVE-2024-4741 Use After Free with SSL_free_buffers
Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...
Low: Red Hat Security Advisory: openssl and openssl-fips-provider security update
An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ALSA-2024:9333 Low: openssl security update
OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Unbounded memory growth with session handling in TLSv1.3 CVE-2024-2511 openssl: Excessive time...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-2610)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : openssl (EulerOS-SA-2024-2375)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in OpenSSL up to 1.1.1x/3.0.13/3.1.5/3.2.1/3.3.0 Network Encryption Software. It has been declared as very critical...
EulerOS 2.0 SP12 : openssl (EulerOS-SA-2024-2346)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in OpenSSL up to 1.1.1x/3.0.13/3.1.5/3.2.1/3.3.0 Network Encryption Software. It has been declared as very critical...
EulerOS 2.0 SP12 : openssl (EulerOS-SA-2024-2354)
According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in OpenSSL up to 1.1.1x/3.0.13/3.1.5/3.2.1/3.3.0 Network Encryption Software. It has been declared as very critical...
Medium: openssl11
Issue Overview: openssl: Use After Free with SSLfreebuffers CVE-2024-4741 Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-2090)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : openssl-1_1-livepatches (SUSE-SU-2024:2271-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:2271-1 advisory. - CVE-2024-4741: Fixed a use-after-free with SSLfreebuffers. bsc1225551 Tenable has extracted the preceding description block directly from the SUSE...
openSUSE: Security Advisory for openssl (SUSE-SU-2024:2088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:2089-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2024:2088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2088-1 Security update for openssl-3
This update for openssl-3 fixes the following issues: - CVE-2024-4741: Fixed a use-after-free with SSLfreebuffers. bsc1225551...
openSUSE Security Advisory (SUSE-SU-2024:2051-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...