FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- Unbounded memory growth with session handling in TLSv1.3

Affected packages
		openssl	<	3.0.13_3,1
		openssl31	<	3.1.5_3
		openssl32	<	3.2.1_2
		openssl-quictls	<	3.0.13_3
		openssl31-quictls	<	3.1.5_1

Details

VuXML ID	7c217849-f7d7-11ee-a490-84a93843eb75
Discovery	2024-04-08
Entry	2024-04-11

The OpenSSL project reports:

Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions

[source]

References

CVE Name	CVE-2024-2511
URL	https://www.openssl.org/news/secadv/20240408.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.