Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-2334)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.11.1 : openssl (EulerOS-SA-2024-2160)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Use After Free with SSLfreebuffersCVE-2024-4741 Issue summary: Some non-default TLS server configurations can cause unbounded memo...

EulerOS Virtualization 2.11.0 : openssl (EulerOS-SA-2024-2185)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Use After Free with SSLfreebuffersCVE-2024-4741 Issue summary: Some non-default TLS server configurations can cause unbounded memo...

ROS-20240522-04

Vulnerability of OpenSSL cryptographic library is related to the use of non-standard option SSLOPNOTICKET option, in which case the session cache continues to grow indefinitely. Exploiting the vulnerability could Allow an attacker acting remotely to cause a denial of service...

Amazon Linux 2 : edk2 (ALAS-2024-2539)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2539 advisory. Issue summary: Some non-default TLS server configurations can cause unboundedmemory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to...

CVE-2024-2511

A flaw was found in OpenSSL. A malicious client can trigger an uncontrolled memory consumption, resulting in a Denial of Service. This issue occurs due to OpenSSL's TLSv3.1 session cache going into an incorrect state, leading to it failing to flush properly as it fills. OpenSSL must be configured...

CVE-2024-2511

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...

CVE-2024-2511 Unbounded memory growth with session handling in TLSv1.3

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in...