OpenSSL to Release Security Patch for Remote Memory Corruption Vulnerability


The problem has been found in OpenSSL 3.0.4, which was made available on June 21, 2022. It affects x64 systems using the AVX-512 instruction set. The OpenSSL forks BoringSSL and LibreSSL are unaffected, nor is OpenSSL 1.1.1.

The problem was discovered by security researcher Guido Vranken at the end of May, and he stated that it “may be triggered trivially by an attacker.” Although the flaw has been resolved, there are currently no patches available. Read More…